Imagine we have this website.

Let's try to buy the jacket.

Now let's open Burp.

Now let's see what happens if we try to add 100 jackets at a time.

Notice that the request failed on the quantity parameter. That means the jacket quantity must be a value between 0 and 100.

So let's try adding 99 jackets at a time.

Now let's look at the cart.

As we can see, we got the jackets.

But what will happen if we add a lot of jackets? Can the application handle the price?

Now let's copy the request to Burp Intruder.

Now we will continue adding jackets until we find weird behavior from the application.

Notice that we got a negative number.
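
A likely cause of the negative total, and the server-side check that prevents it, shown as an added example that is not part of the original walkthrough or the application's own code. It assumes the server keeps the cart total in a 32-bit signed integer of cents; the unit price, the total cap and all function names are constructed for illustration.

```python
INT32_BITS = 32
MAX_LINE_QTY = 99                   # per-request limit observed in the walkthrough
MAX_CART_TOTAL_CENTS = 10_000_000   # assumed business limit, not from the page


class CartError(ValueError):
    """Raised when a cart update is rejected."""


def wrap_int32(n):
    """Emulate two's-complement wraparound of a 32-bit signed integer."""
    half = 1 << (INT32_BITS - 1)
    return (n + half) % (1 << INT32_BITS) - half


def add_naive(total_cents, unit_price_cents, qty):
    """Flawed logic: validates each request's quantity, never the running total."""
    if not 0 < qty <= MAX_LINE_QTY:
        raise CartError("invalid quantity")
    # The stored total silently wraps once it passes 2**31 - 1.
    return wrap_int32(total_cents + unit_price_cents * qty)


def add_checked(total_cents, unit_price_cents, qty):
    """Hardened logic: compute without wrapping, then range-check the result."""
    if not 0 < qty <= MAX_LINE_QTY:
        raise CartError("invalid quantity")
    new_total = total_cents + unit_price_cents * qty  # Python ints do not overflow
    if not 0 <= new_total <= MAX_CART_TOTAL_CENTS:
        raise CartError("cart total out of range")
    return new_total


def replay(add, unit_price_cents, qty, times):
    """Apply the same add-to-cart update `times` times and return the total."""
    total = 0
    for _ in range(times):
        total = add(total, unit_price_cents, qty)
    return total


if __name__ == "__main__":
    price = 100_000  # constructed sample price: 1000.00 in cents
    print("naive, 216 updates:", replay(add_naive, price, 99, 216))
    print("naive, 217 updates:", replay(add_naive, price, 99, 217))
    try:
        replay(add_checked, price, 99, 2)
    except CartError as exc:
        print("checked, 2 updates: rejected:", exc)
```

The per-request quantity limit alone does not help, because every individual request is valid; the check has to be on the accumulated total, and checkout should refuse any total that is negative.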