Parameter manipulation allows an attacker to intercept the communication between the client and server and modify parameters to an unintended value.  Common examples of this may be the modification of price values to a lower cost or even a negative value to see if the server accepts the new value.

Parameter manipulation can occur in both GET and POST requests and requires the attacker to have gained an understanding of the logic and workflow of an application.

‍