Subject: | |
From: | |
Reply To: | |
Date: | Mon, 12 Mar 2001 09:10:29 -0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Here's some info that might be useful to those with on-line shopping carts from the March 12, 2001 CobolReport.com News Blast:
$400* how about $1.98
According to Interactive Week, it's surprisingly easy to change the price tags in a lot of online shopping cart apps, in fact, as many as one-third of online retailers may be vulnerable to price switching. Some companies are auditing their sales daily, checking for unusually low prices. After choosing a product and receiving pricing information, a hacker can use a standard browser's 'edit page' feature to show the hidden HTML code on the page. The thief then saves the page to his computer, alters the price information and then hits the 'publish' key on the browser. In many cases, the shopping cart software then accepts that page. The price should never leave the database. The only thing that should be accepted from the browser is a product ID.
http://www.zdnet.com/intweek/stories/news/0,4164,2692337,00.html
|
|
|