An attacker exploits the logic validation mechanisms of an e-commerce website. He successfully purchases a product worth $100 for $10 by modifying the URL exchanged between the client and the server.

Last Updated on August 1, 2021 by Admin

An attacker exploits the logic validation mechanisms of an e-commerce website. He successfully purchases a product worth $100 for $10 by modifying the URL exchanged between the client and the server.

Original URL: http://www.buyonline.com/product.aspx?profile=12&debit=100
Modified URL: http://www.buyonline.com/product.aspx?profile=12&debit=10

Identify the attack depicted in the above scenario.

• Denial-of-Service Attack
• SQL Injection Attack
• Parameter Tampering Attack
• Session Fixation Attack