vulnerability

Buying goods for free through the Authorize.net Payment Gateway plugin for WooCommerce

In the previous blog post, Paying less for more in Drupal Commerce through the Authorize.Net SIM/DPM, I described the vulnerability found in the Drupal Commerce Authnet SIM/DPM module. This time I decided to look into other eCommerce platforms and to find similar vulnerabilities.

Paying less for more in Drupal Commerce through the Authorize.Net SIM/DPM

In this article I am going to show you how to cheat the Drupal Commerce. I will make 2 orders: one for $1000 and another for $30. Due to weaknesses in the Authorize.net SIM/DPM and the way Commerce Authnet SIM/DPM module processes payments I would be able to pay $30 for a $1000 order. All I need is just a modern browser with an HTML Inspector.