CVE-2002-2303
N/A
N/A
Summary
3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10746
- http://cert.uni-stuttgart.de/archive/bugtraq/2003/03/msg00081.html
- http://securityreason.com/securityalert/3263
- http://www.securityfocus.com/archive/1/301863
- http://www.securityfocus.com/bid/6296
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10746
- http://cert.uni-stuttgart.de/archive/bugtraq/2003/03/msg00081.html
- http://securityreason.com/securityalert/3263
- http://www.securityfocus.com/archive/1/301863
- http://www.securityfocus.com/bid/6296
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.