CVE-2002-0409 — MEDIUM severity vulnerability (orderdetails.aspx, as made available to Microsoft .NET devel)
orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.
| CVE ID | CVE-2002-0409 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2002-07-26 |
| Last modified | 2026-04-16 |
| Description | orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →