Logical Exploits Of Order Amount 2023

By XiaoXin
A Bit Randomly

The @layer at-rule in CSS is used to declare a cascade layer, which is a collection of style rules that apply to a specific element or group of elements in your document. The @layer rule specifies the name of the laye... Read What Is @layer In CSS

Main Contents

Logical Exploits Of Order Amount

The order amount can be modified 

Many small and medium-sized shopping websites have the loophole of arbitrary modification of the order amount. Grab the data packet or directly modify the front-end code when submitting the order, and then modify the amount of the order arbitrarily.

Most of the frequently seen parameters are: rmb, value, amount, cash, fee, money, etc.

There are still many ideas about the logical loopholes in payment, such as increasing the order quantity for the same price, reducing the product price for the same order quantity, setting the order price as a negative number, and so on.

Please Share This Article Thank You!

Parts of E-Commerce System Security Checklist
Logical Exploits Of Unauthorized Access

Due to the lack of verification of user login credentials or flaws in the verification of some business interfaces, hackers can access sensitive information without authorization or even perform unauthorized operations. Ge...

Logical Exploits Of User Information Disclosure

There may be using personal information pages, password recovery places, and various places where user information data is called. Check whether the returned information is loaded with some sensitive data information by ca...