E-commerce Services --- Website Security Tests
· Weak Login Forms
· Data Leakage
· SQL Injection attacks
Weak Login Forms
Most shopping carts have two login pages, one for customers and one for merchants. An attacker can perform a brute-force attack via the login form, using a proxy or a script on a shared server to mask their identity. We’ll simulate this kind of brute-force attack, using some of the most common username and password combinations.
Data Leakage Vulnerability
Database-driven websites are very common, and the parameters of a database query can often be seen in the URL of a web page.
When information is passed in the URL in this way, a malicious user can iterate through the sequence and extract information that’s held in the website database.
SQL Injection Attack
SQL injection is the name given to a vulnerability caused by poor input validation in an application. It’s a serious vulnerability, which can lead to a high level of compromise – usually the ability to run any database query.
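The data leakage and SQL injection sections above both come down to how a URL parameter reaches the database. The following is an added example, not code from this page or from any shopping cart product: the table, the function names and the sample rows are all constructed, and it shows a weak order lookup beside a hardened one that validates the parameter, binds it, and scopes the query to the logged-in customer.

```python
import sqlite3

def make_db():
    # Constructed sample data: three orders with sequential ids, two customers.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT, item TEXT);
        INSERT INTO orders VALUES (1001, 'alice', 'kettle'),
                                  (1002, 'bob', 'laptop'),
                                  (1003, 'alice', 'toaster');
    """)
    return db

def get_order_weak(db, order_id):
    # Weak form: the URL value is concatenated into the SQL text and the
    # session user is never consulted, so any id in the sequence is served
    # and any SQL fragment in the parameter becomes part of the query.
    sql = "SELECT id, customer, item FROM orders WHERE id = " + order_id
    return db.execute(sql).fetchall()

def get_order_hardened(db, session_user, order_id):
    # Input validation: accept only a plain ASCII decimal integer.
    if not (order_id.isascii() and order_id.isdigit()):
        raise ValueError("order id must be numeric")
    # Bound parameters keep the value out of the SQL text; the customer
    # clause means an id belonging to someone else returns nothing.
    sql = "SELECT id, customer, item FROM orders WHERE id = ? AND customer = ?"
    return db.execute(sql, (int(order_id), session_user)).fetchall()

if __name__ == "__main__":
    db = make_db()
    # Constructed test inputs for a site owner's own regression checks.
    print("weak, other customer's id:", get_order_weak(db, "1002"))
    print("weak, non-numeric value:  ", get_order_weak(db, "0 OR 1=1"))
    print("hardened, own order:      ", get_order_hardened(db, "alice", "1001"))
    print("hardened, other's order:  ", get_order_hardened(db, "alice", "1002"))
```

The same two checks (reject non-numeric input, return nothing for another customer's id) are what a retest of these findings should confirm after the fix.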

