7.8
CVE-2002-2303
- EPSS 1.03%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Login3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
3d3.Com ≫ Shopfactory Version5.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.03% | 0.591 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:C/A:N
|
http://cert.uni-stuttgart.de/archive/bugtraq/2003/03/msg00081.html
http://www.securityfocus.com/bid/6296
https://exchange.xforce.ibmcloud.com/vulnerabilities/10746
http://securityreason.com/securityalert/3263
http://www.securityfocus.com/archive/1/301863