huntr / dev696 / F68B994E-2B8B-49F5-AF2A-8CD99E8048A5
Feb 13, 2022 - 8:00 a.m.

Business Logic Errors in microweber/microweber

2022-02-13 08:00:36
dev696
www.huntr.dev
16
business logic errors
vulnerable product
manipulation of total value
free products
bug bounty

EPSS

0.001

Percentile

21.4%

Description

The product is vulnerable to a business logic error: a product can be saved with a negative amount as its price.

Proof of Concept

Step 1: Log in to the application and navigate to Shops -> Products -> Add Product.
Step 2: Fill in all the required details, set the Pricing parameter to -100, and click Save. The item is added with a negative amount.

Impact

This allows manipulation of the total value, making it possible to get all products for free.
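
A server-side check of the kind this report calls for, as an added example that is not microweber's code or its fix: the price is validated when the product is saved, and the total is recomputed at checkout so a negative line already in storage cannot reduce it. The function names, array keys and the use of integer cents are assumptions.

```php
<?php
declare(strict_types=1);
// Added example. Function names and array keys are hypothetical, not microweber's.
/** Convert a submitted price string to integer cents, or throw. */
function parse_price_to_cents(string $raw): int
{
    $raw = trim($raw);
    // Unsigned decimal only: no "-", no "+", no exponent, at most 2 decimals.
    if (!preg_match('/\A\d{1,9}(?:\.\d{1,2})?\z/', $raw)) {
        throw new InvalidArgumentException('price must be a non-negative decimal');
    }
    [$whole, $frac] = array_pad(explode('.', $raw, 2), 2, '');
    return (int) $whole * 100 + (int) str_pad($frac, 2, '0');
}

/** Recompute the total from stored lines; a negative line must never reduce it. */
function cart_total_cents(array $lines): int
{
    $total = 0;
    foreach ($lines as $line) {
        $price = $line['price_cents'] ?? null;
        $qty   = $line['qty'] ?? null;
        if (!is_int($price) || !is_int($qty) || $price < 0 || $qty < 1) {
            throw new DomainException('invalid cart line for product ' . ($line['id'] ?? '?'));
        }
        $total += $price * $qty;
    }
    return $total;
}

// Constructed inputs: -100 is the value from the report's step 2.
foreach (['19.99', '0', '-100', '1e3', '+5'] as $input) {
    try {
        echo $input, ' => ', parse_price_to_cents($input), " cents\n";
    } catch (InvalidArgumentException $e) {
        echo $input, ' => rejected: ', $e->getMessage(), "\n";
    }
}

// Constructed cart: product 2 stands for a row saved before the input check existed.
$cart = [
    ['id' => 1, 'price_cents' => 1999, 'qty' => 2],
    ['id' => 2, 'price_cents' => -10000, 'qty' => 1],
];
try {
    echo 'total: ', cart_total_cents($cart), "\n";
} catch (DomainException $e) {
    echo 'checkout refused: ', $e->getMessage(), "\n";
}
```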
