Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-06T14:02:38.178Z

Reserved: 2015-01-13T00:00:00

Link: CVE-2014-10034

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2015-01-13T15:59:43.490

Modified: 2025-04-12T10:46:40.837

Link: CVE-2014-10034

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.