CVE-2007-3173

CVE-2007-3173

EPSS 1.2%

Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/38338 https://exchange.xforce.ibmcloud.com/vulnerabilities/34574 http://www.securityfocus.com/archive/1/469911/100/0/threaded