3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-10-18T10:00:00
Updated: 2017-07-28T12:57:01
Reserved: 2007-10-17T00:00:00
Link: CVE-2002-2303
JSON object: View
NVD Information
Status : Modified
Published: 2002-12-31T05:00:00.000
Modified: 2017-07-29T01:29:04.687
Link: CVE-2002-2303
JSON object: View
Redhat Information
No data.
CWE