Renganathan
17 • Building R Protocols • Ethical Hacker • Security Researcher • 30+ media Presence • Secured UN, Canva, LinkedIn & 20+ Companies.
14 Sep
A thread on common E-Commerce Vulnerabilities.

Retweet, let others also know this ^_^
- Parameter tampering AKA Price Manipulation
- CSRF in adding or removing items on/from the victim's cart
- IDOR in adding or removing items on/from the victim's cart
- Increasing the value of a voucher and getting high discounts
- Adding multiple vouchers in JSON table
- Add blind XSS payloads in the address fields; they might be fired in their admin panel (some easy $$$)
- IDOR in cancelling the victim's ordered items
- CSRF to cancel the orders placed by victim
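
Added example, not part of the original thread: a server-side order pricing check that closes the price tampering, voucher manipulation and cart IDOR items above by trusting only identifiers from the client. The catalog, voucher table, cart ownership map and all names (`price_order`, `CheckoutError`, the request fields) are constructed assumptions.

```python
from decimal import Decimal

# Constructed sample data standing in for the shop's database (hypothetical).
CATALOG = {"sku-1": Decimal("40.00"), "sku-2": Decimal("15.50")}
VOUCHERS = {"WELCOME10": Decimal("10.00"), "SPRING5": Decimal("5.00")}
CARTS = {"cart-a": "alice", "cart-b": "bob"}  # cart id -> owning user


class CheckoutError(Exception):
    """Raised when a request fails a server-side check."""


def price_order(session_user, request):
    """Return the total to charge, trusting only ids from the client."""
    cart_id = request.get("cart_id")
    # IDOR check: the cart must belong to the authenticated session user.
    if not isinstance(cart_id, str) or CARTS.get(cart_id) != session_user:
        raise CheckoutError("cart does not belong to this user")

    items = request.get("items")
    if not isinstance(items, list) or not items:
        raise CheckoutError("items must be a non-empty list")
    subtotal = Decimal("0")
    for item in items:
        if not isinstance(item, dict):
            raise CheckoutError("malformed item")
        sku, qty = item.get("sku"), item.get("qty")
        if not isinstance(sku, str) or sku not in CATALOG:
            raise CheckoutError("unknown sku")
        # bool is an int subclass in Python, so reject it explicitly.
        if isinstance(qty, bool) or not isinstance(qty, int) or not 1 <= qty <= 100:
            raise CheckoutError("invalid quantity")
        # Any client-supplied "price" field is ignored; the catalog decides.
        subtotal += CATALOG[sku] * qty

    # Accept exactly one voucher as a string; arrays or objects are rejected.
    discount = Decimal("0")
    code = request.get("voucher")
    if code is not None:
        if not isinstance(code, str) or code not in VOUCHERS:
            raise CheckoutError("invalid voucher")
        # Any client-supplied voucher value is ignored; the server table decides.
        discount = VOUCHERS[code]

    return max(subtotal - discount, Decimal("0"))
```

CSRF on cart and order actions is a separate control (anti-CSRF tokens or SameSite cookies) and is not covered by this check.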