Shipping prices can be intercepted and changed

~nec

No avatar

2006-06-11 19:43

Hi people,

i'm working a few day now with quick.cart and i love it. Small, fast, anything i need. Great work.
I noticed the following security flaw.
If a customer intercepts his order, there is some variable saying iCourier=1%7C12.00
I can change that value to whatever i like to. The order is proccessed normaly, but with the wrong values.

best regards,
nec

treewood (OpenSolution)

Avatar: treewood

2006-09-11 10:41

nec - in QC v1.4 it will be fixed. after we put qc v1.4 to download please check it.

Back to top

Over 32 thousand websites based on Quick.Cart and Quick.Cms. See the most interesting ones...

  • Screenshot of website aparperfume.pl
  • Screenshot of website sportowcydzieciom.pl
  • Screenshot of website jezykipodroze.pl
  • Screenshot of website powiat-wieruszowski.pl
  • Screenshot of website 4carriers.com
about us | contact