Web Store EC App Security Analysis

[fredb () CSE OGI EDU (Fred Bower)]

As a follow-on to the numerous reports of EC app security vulnerabilities, I thought that I would add my $.02.  I did a 
(fairly) detailed analysis of WebStore ( http://www.extropia.com/scripts/web_store.html ) and have published my paper 
at http://www.cse.ogi.edu/~fredb/cse527paper.html for all to read.  While WebStore has already been mentioned in a 
thread here, the detail given was limited.  If you desire additional information, my report may be of interest.  In 
addition to the unauthorized access to order information, I found potential denial of service or installation 
corruption issues that, while not as large a problem as publication of credit card numbers, are still significant 
problems in the product.

fred
Fred Bower
Standard Disclaimers Apply
fredb () cse ogi edu