Web Parameter Tampering

From Plex-XML

Revision as of 08:25, 3 March 2009 by Zwirnerj (Talk | contribs)

(diff) ←Older revision | Current revision (diff) | Newer revision→ (diff)

The Web Parameter Tampering attack is based on manipulation of parameters exchanged between client and server in order to modify application data such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields or URL Query Strings and is used to increase application functionality and control.

continued on the OWASP Wiki...

See Secured Fields for Plex-XML form fields that should be protected against tampering.

Retrieved from "http://wiki.plex-xml.com/index.php/Web_Parameter_Tampering"

Categories: Request-Configuration | Security