6 matches found
EUVD-2013-3530
Malware in sbrugna...
CVE-2013-3596
AdvancePro Advanceware allows remote authenticated users to obtain sensitive information about arbitrary customers' orders via a modified id parameter...
Design/Logic Flaw
AdvancePro Advanceware allows remote authenticated users to obtain sensitive information about arbitrary customers' orders via a modified id parameter...
CVE-2013-3596
AdvancePro Advanceware allows remote authenticated users to obtain sensitive information about arbitrary customers' orders via a modified id parameter...
CVE-2013-3596
AdvancePro Advanceware is affected by CVE-2013-3596. The vulnerability is a privilege bypass that allows remote authenticated users to view order information for other customers by manipulating the id parameter, causing information leakage (CWE-200). The issue arises from insufficient access cont...
AdvancePro Technologies Advanceware software suite vulnerable to privilege bypass
Overview AdvancePro Technologies Advanceware software suite contains a privilege bypass vulnerability, resulting in information leakage CWE-200. Description CWE-200: Information Exposure AdvancePro Technologies Advanceware software suite contains a privilege bypass vulnerability, resulting in...