3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data.
https://exchange.xforce.ibmcloud.com/vulnerabilities/10746
http://www.securityfocus.com/bid/6296
http://www.securityfocus.com/archive/1/301863
http://securityreason.com/securityalert/3263
http://cert.uni-stuttgart.de/archive/bugtraq/2003/03/msg00081.html