How I was able to buy a t-shirt for €1 — Payment Price Manipulation
Today I am going to share a simple but critical vulnerability with you. This vulnerability is called payment price manipulation; by exploiting it, I was able to buy any product for just €1.
So let’s see what the whole vulnerability was.
So firstly I added a product to the cart and captured the request in Burp.
I captured this POST request, but there was nothing suspicious in it, so I moved forward and kept checking; after that I got a page like this.
But one thing caught my attention: the ‘QUANTITY’ field. If I incremented it by one unit, what would the subtotal price be? So I simply incremented a unit and captured the request again.
Then I found some parameters which were carrying the subtotal amount, the shipping amount and everything else, so I changed all the price parameter values to 0.00 except sub_total and total, which I changed to €1, and forwarded the request. I was then redirected to the payment page.
I made the payment and confirmed the order.
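The root cause of this bug is a checkout endpoint that bills whatever amounts the client sends instead of recomputing them from the server's own catalogue. The following Python example is added here to show the vulnerable pattern next to the hardened one; it is not the affected shop's code. The catalogue, the flat shipping fee, the field names and the request shape are constructed assumptions modelled on the parameters named in the write-up (a bumped quantity, every price field zeroed, sub_total and total set to 1.00).

```python
from decimal import Decimal, ROUND_HALF_UP

# Constructed server-side catalogue (prices in EUR). Assumed values, not real shop data.
CATALOGUE = {
    "tshirt-001": Decimal("25.00"),
}
# Constructed flat shipping fee; a real shop would compute this from the cart.
SHIPPING_FLAT = Decimal("4.99")

# Constructed checkout request shaped like the tampered one described above:
# quantity incremented, price fields zeroed, sub_total and total set to 1.00.
TAMPERED_REQUEST = {
    "items": [{"sku": "tshirt-001", "quantity": 2}],
    "shipping": "0.00",
    "tax": "0.00",
    "discount": "0.00",
    "sub_total": "1.00",
    "total": "1.00",
}

# The same cart with the amounts an untampered client would send.
HONEST_REQUEST = {
    "items": [{"sku": "tshirt-001", "quantity": 2}],
    "shipping": "4.99",
    "sub_total": "50.00",
    "total": "54.99",
}


class PriceTamperingError(ValueError):
    """Raised when a client-supplied amount disagrees with the server's own figure."""


def money(value) -> Decimal:
    """Normalise any numeric input to a two-decimal Decimal (never float for money)."""
    return Decimal(str(value)).quantize(Decimal("0.01"), rounding=ROUND_HALF_UP)


def charge_trusting_client(request: dict) -> Decimal:
    """Vulnerable pattern: the server bills whatever 'total' the client sent."""
    return money(request["total"])


def compute_server_amounts(items: list) -> dict:
    """Recompute sub_total, shipping and total purely from server-side data."""
    sub_total = Decimal("0.00")
    for item in items:
        qty = int(item["quantity"])
        if qty <= 0:
            raise PriceTamperingError("quantity must be a positive integer")
        if item["sku"] not in CATALOGUE:
            raise PriceTamperingError(f"unknown sku {item['sku']!r}")
        sub_total += CATALOGUE[item["sku"]] * qty
    shipping = SHIPPING_FLAT
    return {
        "sub_total": money(sub_total),
        "shipping": money(shipping),
        "total": money(sub_total + shipping),
    }


def find_tampered_fields(request: dict) -> list:
    """Return the names of client-supplied amount fields that disagree with the server.

    Useful both for rejecting the order and for logging/alerting on tampering attempts.
    """
    expected = compute_server_amounts(request["items"])
    return [
        field
        for field, value in expected.items()
        if field in request and money(request[field]) != value
    ]


def charge_recomputed(request: dict) -> Decimal:
    """Hardened pattern: ignore client amounts for billing, and reject the order
    outright if any of them disagree with the recomputed figures."""
    tampered = find_tampered_fields(request)
    if tampered:
        raise PriceTamperingError(f"client amounts do not match server figures: {tampered}")
    return compute_server_amounts(request["items"])["total"]


if __name__ == "__main__":
    print("vulnerable endpoint would charge:", charge_trusting_client(TAMPERED_REQUEST))
    print("tampered fields detected:", find_tampered_fields(TAMPERED_REQUEST))
    print("hardened endpoint charges honest cart:", charge_recomputed(HONEST_REQUEST))
```

The design point is that the client-supplied amounts are never an input to billing at all; they are only compared against the server's figures so that a mismatch can be refused and logged. Rejecting rather than silently correcting the total is deliberate: a mismatch is a strong signal of tampering worth alerting on, and silently charging the real price could surprise a user whose session was manipulated.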
I hope you enjoyed this article. Let me know your thoughts on this one. Thanks for reading.
Bounty Rewarded: 2000€
Find me on twitter @TheMuztahidul