ShopEx4. 8 5 vulnerability the shipping address can be any view modify delete a-vulnerability warning-the black bar safety net

Ordinary members, after logging in, by a maliciously constructed URL can be achieved for the entire site shipping address to view, modify, and delete. Causing the user sensitive privacy leak and website, unnecessary losses. Detailed description: core/shop/controller/ctl. member. php file //Modify...