Shimoli1964 wrote:How do shopping carts on websites work and how are the prices be changed? What kind of potential vulnerabilities pose to be exploited if I decided I wanted to use one myself?:
Great question Shimoli. Now, the way this works is dependent on the site or the template being used, as always. If the site was just thrown together by an amateur, your cart items could be carried through cookies. Then once you go to purchase an item, it might cross check the items in your cart to the prices in their database and then charge you the amount. This could get a lot more complex. Say you were to change the value being ran through on the purchase. Most sites would either run a secondary check after the matter to make sure the expected price was the about-to-be-paid price, and if something went wrong you could get an error message. Or they might just leave everything behind the scenes and tamper data wouldn't be able to pick anything up anyway. That's probably more likely, considering most people use commercial software for things like that and they are generally secure against the average day tamper-data user. If you could get superuser privileges on their database, you'd have a hell of a lot more chance of changing a price for an item. But that's a completely different topic to be talked about.
Shimoli1964, I thank you for your time and questioning. Welcome to HTS, where what matters most, is satisfaction. 100% guaranteed.