Lists Home |
Date Index |
"Alaric B. Snell" <email@example.com> writes:
> You can sometimes have fun with shopping sites that use third party credit
> card payment systems by getting to the page that has the form that submits to
> the third party, saving it to disk, editing the hidden fields for 'amount' to
> a smaller number but leaving the order number intact, then submitting it.
I keep hearing it... Have you actually seen this exploited? Don't
implicate yourself, if you had a *friend* who did, that should be
enough to satisfy my curiosity.