PHP Scripts Mall Custom T-Shirt Ecommerce Script has Parameter Tampering: [CVE-2019-9065]


Vulnerability Description => Parameter tampering is a form of Web-based attack in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are changed without that user’s authorization. Parameter tampering can result in product price manipulation.





How to Exploit:

1. Go to the Custom T-Shirt Ecommerce Script site (http://readymadescript.org/demo/custom-t-shirt//index.php)

2. Click on Register and register with your essential details

3. Verify your account

4. Come back to the Custom T-Shirt Ecommerce Script site and log in to your account

5. Go to the home page, select any product to buy and click Start Design (e.g. a T-shirt)

6. Customize your shirt, then save the front side and the back side

7. Click Add to Bag and then click Proceed to Checkout

8. Make sure the Burp interceptor is on, fill in the billing details, then click Proceed to Checkout

9. Now find the total value that you want to change (e.g. 1020 rupees)

10. Change the total value to 1 or any value you want and forward the request

11. Now turn the Burp interceptor off; you can see the money value has changed (1020 rupees to 1 rupee)
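The root cause of this class of bug is a checkout handler that charges whatever total the browser sends. The server-side fix below is an added illustration, not the vendor script's code: the handler recomputes the total from its own catalog and the cart it holds for the session, uses the submitted total only for comparison, and rejects and logs a mismatch. The catalog, the session cart and the session id are constructed sample values, and the illustration is written in Python rather than the script's PHP.

```python
"""Server-side total validation (added example, not the vendor script's code).

Mitigation for the CVE-2019-9065 class of bug: never trust a client-supplied
'total'. Recompute it from server-held data and reject anything that differs.
"""
from dataclasses import dataclass
from decimal import Decimal, InvalidOperation

# Constructed sample catalog: product_id -> unit price in rupees. A real shop
# reads this from its database, never from the request.
CATALOG = {"tshirt-basic": Decimal("510.00"), "hoodie": Decimal("1200.00")}

# Constructed server-side carts keyed by session id: list of (product_id, qty).
SERVER_CART = {"sess-42": [("tshirt-basic", 2)]}


@dataclass
class CheckoutResult:
    accepted: bool
    server_total: Decimal
    reason: str


def compute_total(cart):
    """Authoritative total from catalog prices and server-held quantities."""
    total = Decimal("0")
    for product_id, qty in cart:
        if qty <= 0:
            raise ValueError(f"invalid quantity {qty} for {product_id}")
        total += CATALOG[product_id] * qty
    return total


def checkout(session_id, form):
    """Handle a checkout POST; `form` is the parsed request body (str values)."""
    cart = SERVER_CART.get(session_id)
    if not cart:
        return CheckoutResult(False, Decimal("0"), "empty cart")
    server_total = compute_total(cart)
    # The submitted total is untrusted input: compared, never charged.
    try:
        client_total = Decimal(form.get("total", ""))
    except InvalidOperation:
        return CheckoutResult(False, server_total, "malformed total")
    if client_total != server_total:
        # A tampered total is a strong fraud signal; log it for review.
        print(f"[ALERT] {session_id}: client total {client_total} "
              f"!= server total {server_total}")
        return CheckoutResult(False, server_total, "total mismatch")
    return CheckoutResult(True, server_total, "ok")
```

With the sample cart, a request carrying the real total of 1020 is accepted, while the same request with the total edited to 1 is rejected with a mismatch alert.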
