CVE-2007-4143

2007-08-03T20:17:00
ID CVE-2007-4143
Type cve
Reporter cve@mitre.org
Modified 2018-10-15T21:33:00

Description

user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billing parameter and REQ=auth, status=success, and custom=upgrade substrings, possibly related to PayPal transactions.