2 matches found
CVE-2010-4854
SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action...
CVE-2010-4854
CVE-2010-4854 affects Zuitu 1.6, specifically the Ajax endpoint ajax/coupon.php. The vulnerability arises in the consume action where the id parameter can be exploited to perform SQL injection when magic_quotes_gpc is disabled. This allows remote attackers to potentially execute arbitrary SQL com...