### 简要描述:
1
### 详细说明:
```
http://wooyun.org/bugs/wooyun-2015-096948
```
路人甲已经把xss挖透了,那么我们不挖xss了,我们转战挖越权
收货地址存在越权修改
[<img src="https://images.seebug.org/upload/201505/021932117b7063e695423a902c1ec41ed86cddfe.png" alt="4.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201505/021932117b7063e695423a902c1ec41ed86cddfe.png)
[<img src="https://images.seebug.org/upload/201505/0219321830a44b8b4ade1bfd54790692db9192b6.png" alt="5.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201505/0219321830a44b8b4ade1bfd54790692db9192b6.png)
### 漏洞证明:
```
http://wooyun.org/bugs/wooyun-2015-096948
```
路人甲已经把xss挖透了,那么我们不挖xss了,我们转战挖越权
收货地址存在越权修改
[<img src="https://images.seebug.org/upload/201505/021932117b7063e695423a902c1ec41ed86cddfe.png" alt="4.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201505/021932117b7063e695423a902c1ec41ed86cddfe.png)
[<img src="https://images.seebug.org/upload/201505/0219321830a44b8b4ade1bfd54790692db9192b6.png" alt="5.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201505/0219321830a44b8b4ade1bfd54790692db9192b6.png)
京公网安备 11010502034610号
暂无评论