312-50V13 Question #53: Real Exam Question with Answer & Explanation

The correct answer is C: Web Parameter Tampering. The ability to modify values in the URL parameters and have those changes reflected on the webpage indicates a Web Parameter Tampering vulnerability.

Submitted by andreas_gr· Mar 6, 2026Hacking Web Applications

Question

While using your bank's online servicing you notice the following string in the URL bar: 1" You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflects the changes. Which type of vulnerability is present on this site?

Options

ACookie Tampering
BSQL Injection
CWeb Parameter Tampering
DXSS Reflection

Explanation

The ability to modify values in the URL parameters and have those changes reflected on the webpage indicates a Web Parameter Tampering vulnerability.

Common mistakes.

A. Cookie tampering involves modifying data stored in HTTP cookies, not directly in URL parameters.
B. SQL Injection involves injecting malicious SQL queries into input fields to manipulate database queries, which is distinct from simply modifying URL parameters for displayed values.
D. XSS Reflection involves injecting client-side scripts (like JavaScript) into a web page that is then reflected back to the user, typically leading to script execution in the user's browser, not merely changing data values by altering URL parameters.

Concept tested. Web Parameter Tampering vulnerability

Reference. https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/07-Input_Validation_Testing/04-Testing_for_Parameter_Tampering

Topics

#Web application security#Parameter tampering#URL manipulation#Input validation

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice Browse All 312-50V13 Questions