CVE-2000-0135

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Feb 1, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0135 is a vulnerability affecting the @Retail shopping cart application. This issue enables remote users to surreptitiously modify sensitive purchase information by manipulating hidden form fields, potentially leading to unauthorized changes to customer orders and financial data. This vulnerability poses a significant risk to online shoppers, allowing attackers to alter product quantities, prices, and even payment details. Retailers using this application should promptly apply the available patch to prevent potential data breaches and maintain customer trust.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlWw3
https://www.cve.org/CVERecord?id=CVE-2000-0135
https://nvd.nist.gov/vuln/detail/CVE-2000-0135

Back to Vulnerability Database

CVE-2000-0135

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations