Описание
orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:.net_framework:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.52891
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.
EPSS
Процентиль: 98%
0.52891
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other