source: http://www.securityfocus.com/bid/25116/info phpCoupon is prone to a remote payment-bypass vulnerability because the application fails to properly secure PayPal payment transactions. Successfully exploiting this issue allows remote attackers to perform payment transactions in the application without actually paying money. This allows them to obtain services for free. The following URI demonstrates this issue: http://www.example.com/path/user.php?REQ=auth&billing=141&status=success&custom=upgrade5 The '141' and the 'upgrade5' values may vary from installation to installation.
Related ExploitsTrying to match CVEs (1): CVE-2007-4143
Trying to match OSVDBs (1): 39027
Other Possible E-DB Search Terms: phpCoupon