How I was able to buy t-shirt for €1 — Payment Price Manipulation

Today I am gonna share a simple but critical vulnerability with you guys. This vulnerability is called payment price manipulation, and by using it I was able to buy any product for just €1.
So let's see what the whole vulnerability was:

So firstly I added a product to the cart and captured the request in Burp.

I captured this POST request, but there was nothing suspicious, so I moved forward and kept checking; after that I got a page like this.

But one thing caught my attention: 'QUANTITY'. If I incremented it by one unit, what would the subtotal price be? So I simply incremented the quantity by one unit and captured the request again.

Then I found some parameters carrying the subtotal amount, the shipping amount and everything else, so I changed all the price parameter values to 0.00, except sub_total and total, which I changed to €1. I forwarded the request and was redirected to the payment page.

I made the payment and confirmed the order.
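The root cause here is that the server trusted the price fields sent by the client. As an added example (not code from the original post or from the affected site), here is a Python checkout check that recomputes sub_total, shipping and total from a server-side catalog and rejects any request whose submitted amounts disagree; the catalog, the flat shipping rule and the parameter names are assumptions.

```python
from decimal import Decimal, ROUND_HALF_UP

# Constructed server-side catalog: the only trusted source of prices.
CATALOG = {"tshirt-001": Decimal("25.00"), "cap-002": Decimal("12.50")}
SHIPPING_FLAT = Decimal("4.99")  # assumed flat shipping rule

def _money(value):
    """Normalise any numeric/string amount to two decimal places."""
    return Decimal(str(value)).quantize(Decimal("0.01"), rounding=ROUND_HALF_UP)

def compute_order(items):
    """Recompute every amount from the catalog only.
    items: list of (sku, quantity). Raises ValueError on unknown SKU
    or on a quantity that is not a positive integer."""
    sub_total = Decimal("0.00")
    for sku, qty in items:
        if sku not in CATALOG:
            raise ValueError(f"unknown sku {sku}")
        if not isinstance(qty, int) or qty < 1:
            raise ValueError(f"bad quantity for {sku}")
        sub_total += CATALOG[sku] * qty
    shipping = SHIPPING_FLAT
    return {
        "sub_total": _money(sub_total),
        "shipping": _money(shipping),
        "total": _money(sub_total + shipping),
    }

def validate_checkout(request):
    """Compare client-submitted amounts against the server-computed ones.
    Returns (ok, expected_amounts, mismatched_fields). The server must
    charge expected_amounts regardless; a non-empty mismatch list is a
    tampering signal worth logging and alerting on."""
    expected = compute_order(request["items"])
    submitted = {
        field: _money(request.get(field, "0"))
        for field in ("sub_total", "shipping", "total")
    }
    mismatched = [f for f in expected if submitted[f] != expected[f]]
    return (not mismatched, expected, mismatched)

if __name__ == "__main__":
    # Constructed request shaped like the manipulated one from the write-up:
    # two t-shirts, but sub_total/total set to 1.00 and shipping zeroed.
    tampered = {"items": [("tshirt-001", 2)],
                "sub_total": "1.00", "shipping": "0.00", "total": "1.00"}
    ok, expected, bad = validate_checkout(tampered)
    print(ok, expected, bad)  # False, server totals, all three fields flagged
```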

I hope you enjoyed this article. Let me know your thoughts on this one. Thanks for reading.

Bounty Rewarded: 2000€

Find me on twitter @TheMuztahidul
