SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering new package page.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpcoin | Coinsoft_technologies | 1.2.1 | 1.2.1 |
Phpcoin | Coinsoft_technologies | 1.2.1b | 1.2.1b |
Phpcoin | Coinsoft_technologies | 1.2 | 1.2 |