Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2303 | 1 3d3.com | 1 Shopfactory | 2024-11-20 | 7.8 HIGH | N/A |
3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data. | |||||
CVE-2002-2302 | 1 3d3.com | 1 Shopfactory | 2024-11-20 | 6.4 MEDIUM | N/A |
3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field. |