Share this page!

Renganathan Profile picture
Twitter logo
14 Sep, 4 tweets, 1 min read
A thread common E-Commerce Vulnerabilities.

Retweet, let others also know this ^_^
- Parameter tampering AKA Price Manipulation
- CSRF in adding or removing items on/from the victim's cart
- IDOR in adding or removing items on/from the victim's cart
- Increase the value of a voucher and getting high discounts
- Adding multiple voucher's in JSON table
- Add blind XSS payloads in the address fields it might be fired in their admin panel (some easy $$$)
- IDOR in cancelling the victim's ordered items
- CSRF to cancel the orders placed by victim
A thread, * 😅

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Renganathan

Renganathan Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @IamRenganathan

Renganathan Profile picture
8 Sep
A Thread about Blind XSS tips

Pro Tip: Bookmark this tweet!
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @IamRenganathan has new unrolls!

Check out other threads from @IamRenganathan!

Read all threads by @IamRenganathan

:(