Arbitrary Order Information Disclosure in ASP4CMS AspCMS 2.7.2
CVE-2017-14653 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticated users to read arbitrary order information via a modified OrderNo parameter.
Learn more about our Cms Pen Testing.