Setting Manipulation

Description
Attackers manipulate the settings of the system to cause the application to behave in unexpected ways.

NOTE: The title was originally from http://www.cve.mitre.org/ and was intended to be used for a vulnerability. We believe this title is more appropriate for an attack. The corresponding vulnerability is Allowing External Setting Manipulation

Examples

 * An application takes a user-controllable parameter in the HTTP request to decide whether to turn on the debug mode.


 * The serialized object that stores the current system status can be overwritten by user input.

Related Vulnerabilities
Allowing External Setting Manipulation