← CVECheck
HomeVulnerabilities

CVE-2002-0409 — MEDIUM severity vulnerability (orderdetails.aspx, as made available to Microsoft .NET devel)

orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.

CVE IDCVE-2002-0409
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2002-07-26
Last modified2026-04-16
Descriptionorderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →