Lucene search

MitreCVE-2002-2302

HistoryOct 18, 2007 - 10:00 a.m.

CVE-2002-2302

2007-10-1810:00:00

CWE-264

mitre

web.nvd.nist.gov

3d3.com

shopfactory

remote attackers

price modification

nvd

cve-2002-2302

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.008

Percentile

81.9%

JSON

3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field.

Affected configurations

Nvd

Node

3d3.comshopfactoryMatch5.5

3d3.comshopfactoryMatch5.6

3d3.comshopfactoryMatch5.8

VendorProductVersionCPE
3d3.comshopfactory5.5cpe:2.3:a:3d3.com:shopfactory:5.5:*:*:*:*:*:*:*
3d3.comshopfactory5.6cpe:2.3:a:3d3.com:shopfactory:5.6:*:*:*:*:*:*:*
3d3.comshopfactory5.8cpe:2.3:a:3d3.com:shopfactory:5.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
3d3.com	shopfactory	5.5	cpe:2.3:a:3d3.com:shopfactory:5.5:::::::*
3d3.com	shopfactory	5.6	cpe:2.3:a:3d3.com:shopfactory:5.6:::::::*
3d3.com	shopfactory	5.8	cpe:2.3:a:3d3.com:shopfactory:5.8:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-12/0018.html

cert.uni-stuttgart.de/archive/bugtraq/2003/03/msg00081.html

www.securityfocus.com/bid/6296

www.trust-factory.com/TF20021004.html

exchange.xforce.ibmcloud.com/vulnerabilities/10746

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.008

Percentile

81.9%

JSON

Related for CVE-2002-2302