nerdexam
EC-Council

312-50V11 · Question #406

While using your bank's online servicing you notice the following string in the URL bar: &Camount= 21" You observe that if you modify the Damount & Camount values and submit the request, that data on

The correct answer is A. Web Parameter Tampering. The Web Parameter Tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hi

Hacking Web Applications

Question

While using your bank's online servicing you notice the following string in the URL bar:

&Camount= 21" You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes. Which type of vulnerability is present on this site?

Options

  • AWeb Parameter Tampering
  • BCookie Tampering
  • CXSS Reflection
  • DSQL injection

How the community answered

(47 responses)
  • A
    85% (40)
  • B
    9% (4)
  • C
    2% (1)
  • D
    4% (2)

Explanation

The Web Parameter Tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and

Topics

#parameter tampering#URL manipulation#web vulnerabilities#input validation

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice