UC MIGS module for Drupal was susceptible to web parameter tampering.
From the Drupal advisory, SA-CONTRIB-2010-064 –
The Ubercart MIGS Payment Gateway module provides support for the MIGS 3rd-party payment gateway used by ANZ, Commonwealth Bank, Bendigo Bank, and various other banks worldwide for payment processing.
This module was susceptible to web parameter tampering which allowed users to bypass paying the full amount due on checkout.
The amount paid was correctly recorded against the order, but certain site configurations might allow purchases to be delivered despite incomplete payment.
This has been resolved in the latest release, which also incorporates other features to match bank requirements.