Ecw · Ecw-Shop · CVE-2005-2623
**Name of the Vulnerable Software and Affected Versions**
ECW-Shop version 6.0.2
**Description**
The issue allows remote attackers to manipulate the total cost of their shopping cart. By specifying a negative quantity for an item, the price of the item is subtracted from the total cost, potentially reducing the total cost of the cart.
**Recommendations**
For ECW-Shop version 6.0.2, consider implementing validation to prevent negative quantities from being specified in the shopping cart, or restrict the ability to modify quantities in a way that could lead to a negative total cost.