Danny Trieu
Aug 27, 2017 · 1 min read

Why didn’t you mention that the kind of vulnerabilities you described are characteristic of Lift-n-Ship applications? You kind of already mentioned it, in the 2nd paragraph of your ‘History’ section, and you also mentioned backend and middle tiers as if this is an N-tier architecture.

Good to point out application-level exploitation of the API. IMHO, any decent internet traffic could tip over a poor Lift-N-Ship application the way you described.
