API Payments 05

Bookmarked!

This exercise covers how to abuse a shopping cart allowing users to apply a voucher.

PRO Hard < 1 Hr. 890 API Badge

Course

In this challenge, the objective is to find a vulnerability in how vouchers are managed within the application. By exploiting this, you should gain access to the challenge key using the voucher code HACKTHEPLANET with a value of 20, stored in your signed session.

Skills covered

Injection Client Side

CWE-345,CWE-693

Included with PRO

Full course content 1 video

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account