CVE-2017-14653

2017-09-22T07:29:00
ID CVE-2017-14653
Type cve
Reporter cve@mitre.org
Modified 2017-10-05T14:31:00

Description

member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticated users to read arbitrary order information via a modified OrderNo parameter.