parameter tampering

parameter tampering

Modifying elements in the URL sent to a website in order to obtain unauthorized information. User queries are often passed to the database in the Web server by appending search arguments to the URL used to locate the site. By modifying the arguments (parameters) in the query, the malicious user can navigate the database and retrieve and/or modify its contents. See XSS.
Mentioned in ?
References in periodicals archive ?
CTG stated that the solution offers cyber security protection for online availability, parameter tampering, malware, website leeching and sensitive words of customers website.
Ultimately, a WAF is capable of uncovering fraudulent use of parameters (XSS, XSRF, SQL injection, parameter tampering, etc.
Improvements to existing SQL Injection, Cross-Site Scripting (XSS), and Parameter Tampering vulnerability detection.
The vulnerability assessments were carried out by Imperva's Application Defence Centre and found that the most common type of attacks were cross-scripting, SQL injection and parameter tampering.
The tool reveals Web application vulnerabilities using the same techniques used by hackers, including the manipulation of IT infrastructure vulnerabilities, parameter tampering, Web services and SOAP vulnerabilities, hidden field manipulation, cookie poisoning, stealth commanding, backdoor and debug options, database sabotage, buffer overflow attacks, data encoding, and protocol piggybacking.

Full browser ?