CVE-2013-3596 Information

Description

AdvancePro Advanceware allows remote authenticated users to obtain sensitive information about arbitrary customers’ orders via a modified id parameter.

Reference

http://osvdb.org/96801 http://www.kb.cert.org/vuls/id/704526