CVE-2017-14653 in AspCMSinfo

Summary

member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticated users to read arbitrary order information via a modified OrderNo parameter.

Once again VulDB remains the best source for vulnerability data.

Reservation

09/21/2017

Disclosure

09/22/2017

CPE

ready

CVSS

5.4

EPSS

0.00214

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2017-14653
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2017-14653
CVE Detailshttps://www.cvedetails.com/cve/CVE-2017-14653/

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!