CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Couponphp: >> Couponphp >> 1.1.0 Security Vulnerabilities

CVE-2014-10035

Multiple cross-site scripting (XSS) vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the (1) sEcho parameter to comments_paginate.php or (2) stores_paginate.php or the (3) affiliate_url, (4) description, (5) domain, (6) seo[description], (7) seo[heading], (8) seo[title], (9) seo[keywords], (10) setting[logo], (11) setting[perpage], or (12) setting[sitename] to admin/index.php.

CVSS Score

4.3

EPSS Score

0.098

Published

2015-01-13

CVE-2014-10034

Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.

CVSS Score

6.5

EPSS Score

0.019

Published

2015-01-13

Page 1

Vulnerabilities

Vulnerable Software

Couponphp: >> Couponphp >> 1.1.0 Security Vulnerabilities

Products

Pricing

Contact Us