CVE

Id
27500  
CVE No.
CVE-2007-4143  
Status
Candidate  
Description
user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billing parameter and REQ=auth, status=success, and custom=upgrade substrings, possibly related to PayPal transactions.  
Phase
Assigned (20070803)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
283029 27500 CVE-2007-4143 BUGTRAQ:20070728 phpCoupon Vulnerabilities  View
283030 27500 CVE-2007-4143 URL:http://www.securityfocus.com/archive/1/archive/1/474936/100/0/threaded  View
283031 27500 CVE-2007-4143 BID:25116  View
283032 27500 CVE-2007-4143 URL:http://www.securityfocus.com/bid/25116  View
283033 27500 CVE-2007-4143 SREASON:2958  View
283034 27500 CVE-2007-4143 URL:http://securityreason.com/securityalert/2958  View
283035 27500 CVE-2007-4143 XF:phpcoupon-payment-security-bypass(35664)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53766 JVNDB-2007-002458 v2.ocx の BlueSkychat ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性 v2.ocx の BlueSkychat (BlueSkyCat) ActiveX コントロールには、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2007-4145 27500 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002458.html  View