CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-4143

user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billing parameter and REQ=auth, status=success, and custom=upgrade substrings, possibly related to PayPal transactions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.023

EPSS Ranking 84.1%

CVSS Severity

CVSS v2 Score 4.0

References

http://securityreason.com/securityalert/2958
http://www.securityfocus.com/archive/1/474936/100/0/threaded
http://www.securityfocus.com/bid/25116
https://exchange.xforce.ibmcloud.com/vulnerabilities/35664
http://securityreason.com/securityalert/2958
http://www.securityfocus.com/archive/1/474936/100/0/threaded
http://www.securityfocus.com/bid/25116
https://exchange.xforce.ibmcloud.com/vulnerabilities/35664

Products affected by CVE-2007-4143

Phpcoupon » Phpcoupon » Version: Any

cpe:2.3:a:phpcoupon:phpcoupon:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-4143

Products

Pricing

Contact Us