An attacker has been successfully modifying the purchase price of items purchased on the company's web site. the security administrators verify the web server and oracle database have not been compromised directly. they have also verified the intrusion detection system (ids) logs and found no attacks that could have caused this. what is the mostly likely way the attacker has been able to modify the purchase price?

Form the given statement i have come to know that the by changing hidden form values attacker has been able to modify the purchase price.

Explanation:

User can change a hidden field is not different from a common field from browser or server side.

If you want to store data then user must have to store them on server -side on a session and it is a fastest way.

email the tech support from your school

explanation:

(because i need 20 chars)