MidnightBSD

Advisories for asp4cms

CVE-2017-14653 MEDIUM

member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticated users to read arbitrary order information via a modified OrderNo parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
asp4cms aspcms 2.7.2