140 matches found
CodeChecker <= 6.24.1 - Authentication Bypass
Authentication bypass occurs when the API URL ends with Authentication, Configuration or ServerInfo. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. id: CVE-2024-10081 info:...
CVE-2026-5812
A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This affects an unknown part of the file add-sales.php of the component POST Parameter Handler. Performing a manipulation of the argument txtqty results in business logic errors. It is possible to initia...
CubeCart 跨站脚本漏洞
CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting flaw, which could allow attackers with administrative privileges to inject...
CVE-2026-7746
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected is an unknown function of the file /productexpiry/edit-admin.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is...
EUVD-2026-26935
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected is an unknown function of the file /productexpiry/edit-admin.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is...
CVE-2026-7746 SourceCodester Web-based Pharmacy Product Management System edit-admin.php sql injection
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected is an unknown function of the file /productexpiry/edit-admin.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is...
SourceCodester Web-based Pharmacy Product Management System 注入漏洞
SourceCodester Web-based Pharmacy Product Management System is an open-source pharmacy product management system developed by SourceCodester. Version 1.0 of the SourceCodester Web-based Pharmacy Product Management System has a SQL injection vulnerability. This vulnerability arises from unknown...
CVE-2026-5812
A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This affects an unknown part of the file add-sales.php of the component POST Parameter Handler. Performing a manipulation of the argument txtqty results in business logic errors. It is possible to initia...
CVE-2026-5812 SourceCodester Pharmacy Product Management System POST Parameter add-sales.php logic error
A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This affects an unknown part of the file add-sales.php of the component POST Parameter Handler. Performing a manipulation of the argument txtqty results in business logic errors. It is possible to initia...
SourceCodester Pharmacy Product Management System 安全漏洞
SourceCodester Pharmacy Product Management System is an open-source medication management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Product Management System contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter...
CVE-2026-30573
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is located in the add-sales.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters, allowing attackers to submit negative values for sales...
CVE-2026-30573
The CVE-2026-30573 affects SourceCodester Pharmacy Product Management System 1.0. A business logic flaw in add-sales.php allows negative values for txtprice and txttotalcost, skipping input validation. This can produce incorrect financial calculations, corrupt sales reports, and potential financi...
EUVD-2026-16708
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
EUVD-2026-16707
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the inventory level...
CVE-2026-30574
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity txtqty exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is...
CVE-2026-30575
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the inventory level...
CVE-2026-30574
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity txtqty exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is...
CVE-2026-30576
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
PT-2026-28413
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity txtqty exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is...
CVE-2026-30576
SourceCodester Pharmacy Product Management System 1.0 (add-stock.php) is affected by a Business Logic flaw: txtprice and txttotalcost are not validated during stock entry, enabling negative values that can corrupt financial records and be used to manipulate inventory asset values and procurement ...