In this post I want to focus on a common security flaw, the URL. So let's start with an example: 1 http://www.infosupport.com/getProduct.aspx?ProductID=123 Nothing wrong, a customer can manually change this URL to go to another page to view another...