Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| groupon_clone_script_project | groupon_clone_script | 3.01 |
Cross Site Scripting (XSS) exists in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via a User Profile Field parameter.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| groupon_clone_script_project | groupon_clone_script | 3.0.2 |