🛒 QuickCart
PRACIVO LAB — INTENTIONALLY VULNERABLE
⚠️ Pracivo Security Lab — DOM XSS, clickjacking, price manipulation in checkout, IDOR on orders.
Checkout — Mechanical Keyboard
Price (hidden field — editable)
Quantity
Coupon Code
Place Order
Hint: change the price field to 0.01 and submit — the server accepts whatever price you send.
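
The flaw the hint describes, next to a server-side fix, as an added example (not the lab's own code). The catalog, coupon table, field names (`product_id`, `price`, `quantity`, `coupon`) and the 89.99 list price are assumptions made up for illustration.

```python
from decimal import Decimal

# Constructed server-side data: the only trusted source for prices and discounts.
CATALOG = {"mech-keyboard": Decimal("89.99")}   # hypothetical product id and price
COUPONS = {"SAVE10": Decimal("0.10")}           # hypothetical coupon: 10% off
MAX_QTY = 20

# Constructed request body: the hidden price field edited to 0.01 before submit.
TAMPERED = {"product_id": "mech-keyboard", "price": "0.01",
            "quantity": "1", "coupon": ""}


class CheckoutError(ValueError):
    """Raised when a submitted order fails server-side validation."""


def vulnerable_total(form):
    # Behaviour described in the hint: the total is built from the client's price.
    return Decimal(form["price"]) * int(form["quantity"])


def hardened_total(form):
    # The client's "price" field is never read; the product id selects the price.
    product_id = form.get("product_id")
    if product_id not in CATALOG:
        raise CheckoutError("unknown product")
    try:
        qty = int(form.get("quantity", ""))
    except ValueError:
        raise CheckoutError("quantity must be an integer")
    if not 1 <= qty <= MAX_QTY:   # blocks zero, negative and absurd quantities
        raise CheckoutError("quantity out of range")
    total = CATALOG[product_id] * qty
    coupon = form.get("coupon", "")
    if coupon:
        if coupon not in COUPONS:   # discounts are looked up, never client-supplied
            raise CheckoutError("invalid coupon")
        total -= total * COUPONS[coupon]
    return total.quantize(Decimal("0.01"))


if __name__ == "__main__":
    print("vulnerable:", vulnerable_total(TAMPERED))
    print("hardened:  ", hardened_total(TAMPERED))
```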