HTTP Parameter Pollution
What happens if you append your own parameters at the end of a URL. eg:www.legitsite.com/blog?page=login&url=attacker.com
Theory
There is no standard defined how to accept HTTP Parameters. [No RFC]
Behaviour is based on various programming languages. Eg: PHP takes the last occuring parameter.
Last updated