E-Commerce System Security Checklist
Logical loopholes refer to programs that cannot be processed normally or process errors due to poor control of program logic input or too complex logic. Logical loopholes are generated in different ways according to different functional requirements. It generally appears in the login and registration of website programs, password recovery, verification methods, information viewing, transaction payment amounts, etc. In this series, we will give you a complete security checklist that will show you potential dangers in your system for example blogs, news, and e-commerce...
Ecommerce Security Checklist: Sweepstakes, Coupon
Sweepstakes/PromotionVoucher/Coupon Sweepstakes/Promotion - random draw- Stolen prizes/points- Tampering with ...
E-Commerce System Security ChecklistPayment Logic Vulnerability of E-Commerce
Vulnerabilities caused by imprecise logic in the payment link are called payment loopholes. Test ideas As long...
E-Commerce System Security ChecklistLogical Exploits Of Arbitrary URL Jump
The url redirection vulnerability is also called exploit redirection vulnerability, which can redirect the use...
E-Commerce System Security ChecklistLogical Exploits Of Brute Force, Password Recovery
Brute Force / Credential Stuffing First, if there is no verification code or the verification code can b...
E-Commerce System Security ChecklistLogical Exploits Of Frontend Validation, Time Limit
Breaking through the time limit Time-limited activities on some websites set the time range of the activity, a...
E-Commerce System Security ChecklistLogical Exploits Of Integer Overflow
Note: When doing an overflow test, it may cause the target server to go down, and you need to apply for author...
E-Commerce System Security ChecklistLogical Exploits Of Order, Payment
Order Close Create an order with a coupon and stay on the payment interface close order, return to coupon Use ...
E-Commerce System Security ChecklistLogical Exploits Of Membership Upgrade
Use A mobile phone to log in account A, and open membership. To open a super member, enter the upgrade page, a...
E-Commerce System Security ChecklistLogical Exploits Of Contract Vulnerability
1- Use A mobile phone to log in to account A to open the service to be tested, click on automatic renewal, and...
E-Commerce System Security ChecklistLogical Exploits Of Flaws In a Cookie/Token Design
The validation value of the cookie is too simple. Some web pages are too single or simple to generate cookies,...
E-Commerce System Security Checklist