2 matches found
CVE-2016-4837
SQL injection vulnerability in the Seed Coupon plugin before 1.6 for EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-4837
The CVE-2016-4837 issue affects the EC-CUBE ecosystem: the Seed Coupon plugin (Coupon Plugin) is vulnerable to SQL injection (CWE-89) in versions before 1.6. The underlying flaw allows a remote attacker to manipulate or access database data via unspecified vectors. Impact is high, with potential ...