Filtered by vendor 3d3.com
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2302 | 1 3d3.com | 1 Shopfactory | 2024-02-04 | 6.4 MEDIUM | N/A |
| 3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field. | |||||
| CVE-2002-2303 | 1 3d3.com | 1 Shopfactory | 2024-02-04 | 7.8 HIGH | N/A |
| 3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data. | |||||