[ic] would that be possible with IC ?
Ryan Hertz
rhertz@gyb.baits.com
Tue, 06 Mar 2001 01:05:28 -0700
>
>I haven't the experience to know this, but could IC be abused
>the way this article describes other shopping cart applications can ?
>
>http://www.zdnet.com/zdnn/stories/news/0,4586,2692337,00.html?chkpt=zdnn_rt
>_latest
>
>BF
I seriously doubt it. Although I've heard about that type of hack many
years ago, I never imagined that anyone would write software that would
susceptible to that type of exploit. AFAIK Interchange never asks the
literal page for the price, it looks in its database to match the price to
the item ordered. (duh)
There is a possibility that Cybercash-like interfaces could be vulnerable
if the dollar value ever exists in a hidden form field, or URL
encoded. But then, that's not IC, is it? ;-)
Ryan Hertz tel 800-645-BAIT
Webmaster fax 520-645-2588
Advertising Director http://www.baits.com
Gary Yamamoto Custom Baits, Inc. mailto:rhertz@baits.com