|
|
OneWorldStore IDOrder Information Disclosure Vulnerability
No exploit is required. The following proof of concept URIs are available: http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=1 http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=2 http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=3 http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder= |
|
Privacy Statement |