Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Aspsitem | Aspsitem | * | 2.0 (including) |
Aspsitem | Aspsitem | 1.83 (including) | 1.83 (including) |