← CVECheck
HomeVulnerabilities

CVE-2002-2303 — HIGH severity vulnerability (3D3.Com ShopFactory 5.8 uses client-side encryption and decr)

3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data.

CVE IDCVE-2002-2303
SeverityHIGH
CVSS score7.8
CVSS vectorAV:N/AC:L/Au:N/C:N/I:C/A:N
CWECWE-310
StatusModified
Published2002-12-31
Last modified2026-04-16
Description3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →