parameter tampering

parameter tampering

Modifying elements in the URL sent to a website in order to obtain unauthorized information. User queries are often passed to the database in the Web server by appending search arguments to the URL used to locate the site. By modifying the arguments (parameters) in the query, the malicious user can navigate the database and retrieve and/or modify its contents. See XSS.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
Mentioned in ?
References in periodicals archive ?
Ultimately, a WAF is capable of uncovering fraudulent use of parameters (XSS, XSRF, SQL injection, parameter tampering, etc.) without specific knowledge of an application.
-- Improvements to existing SQL Injection, Cross-Site Scripting (XSS), and Parameter Tampering vulnerability detection.
The vulnerability assessments were carried out by Imperva's Application Defence Centre and found that the most common type of attacks were cross-scripting, SQL injection and parameter tampering. Despite the use of defences, such as firewalls and intrusion detection, hackers were able to access valuable proprietary and customer data, shut- down websites and servers, defraud businesses and introduce serious legal liability without being stopped or, in many cases, even detected.

Full browser ?