CVE-2014-10034

2015-01-13T15:59:00
ID CVE-2014-10034
Type cve
Reporter cve@mitre.org
Modified 2017-09-08T01:29:00

Description

Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.