CVE-2008-4090

Publication date

2008-09-15 16:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-2007-2672.