CVE-2005-4447

Name of the Vulnerable Software and Affected Versions phpCOIN version 1.2.2

Description The issue allows remote attackers to modify SQL syntax, possibly executing SQL in limited circumstances, via the rec next parameter in the articles/articles funcs.php file. This could result in an error message path disclosure due to a syntax error in some environments.

Recommendations For phpCOIN version 1.2.2, avoid using the rec next parameter in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the articles/articles funcs.php file to minimize the risk of exploitation.