ID: 840 Status: Incomplete
Weaknesses in this category identify some of the underlying problems that commonly allow attackers to manipulate the business logic of an application. Errors in business logic can be devastating to an entire application. They can be difficult to find automatically, since they typically involve legitimate use of the application's functionality. However, many business logic errors can exhibit patterns that are similar to well-understood implementation and design weaknesses.
REF-795 Business Logic Flaws and Yahoo Games REF-796 Seven Business Logic Flaws That Put Your Website At Risk REF-797 Business Logic Flaws REF-798 Abuse of Functionality REF-799 Defying Logic: Theory, Design, and Implementation of Complex Systems for Testing Application Logic REF-667 Real-Life Example of a 'Business Logic Defect' (Screen Shots!) REF-801 Toward Automated Detection of Logic Vulnerabilities in Web Applications REF-802 Designing a Framework Method for Secure Business Application Logic Integrity in e-Commerce Systems