13 matches found
CVE-2026-30573
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is located in the add-sales.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters, allowing attackers to submit negative values for sales...
SourceCodester Pharmacy Product Management System 安全漏洞
SourceCodester Pharmacy Product Management System is an open-source medication management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Product Management System contains a security vulnerability. This vulnerability arises from the fact that the add-sales.php file...
CVE-2026-30573
The CVE-2026-30573 affects SourceCodester Pharmacy Product Management System 1.0. A business logic flaw in add-sales.php allows negative values for txtprice and txttotalcost, skipping input validation. This can produce incorrect financial calculations, corrupt sales reports, and potential financi...
EUVD-2026-16708
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption...
LPDA sales can potentially have buying function reverting indefinately due to negative price
Lines of code Vulnerability details Impact While i'm assuming there are checks for this on UI or off-chain, this wasn't mentioned in the docs or the comments, so its worth flagging and possibly implementating the mitigation step as a precaution since it is also cheap on gas. The price can...
PRICE's getCurrentPrice() can return zero price
Lines of code Vulnerability details Currently no price validity check is performed in getCurrentPrice. This way zero ohmEthPriceFeed.latestRoundData produced prices will yield zero getCurrentPrice which will be passed over to the logic. Also, negative OHM price or zero / negative reserve...
Unsafe _price cast
Lines of code Vulnerability details Impact The price provided by chainlink AggregatorV3 could be a negative, if that happend the cast of the price goes high, in example, cast -1 to uint256 was 2256 - 1 Proof of Concept return uint256price.adjustDecimalsfeedDecimals, decimals; Tools Used Manual...
Malicious user can indefinitely freeze the funds of another user
Lines of code Vulnerability details Impact By design, a user's cooldown period is extended if they receive a transfer of hPal. The cooldown is extended based on the weight of the receiver's original balance and cooldown period compared to the sent amount and sender's cooldown period. Due to this...
Business Logic Errors
pimcore/pimcore is vulnerable to business logic errors. An attacker can exploit this flaw by providing a negative price amount to the actionCartDiscount function in pricing/config/item.js file as it does not properly check user input negative price amounts...
GHSA-8QVX-F5GF-G43V Logic error in dolibarr
The application does not check the input of price number lead to Business Logic error through negative price amount...
Business Logic Errors
dolibarr/dolibarr is vulnerable to business logic errors. An attacker can exploit this flaw by providing a negative price amount to the create function in don.class.php as it does not properly check user input negative price amounts...
Business Logic Errors in microweber/microweber
Description A fixed price coupon can be applied to get negative price for a product Proof of Concept 1: Create a fixed coupon Example: $200 coupon, $300 minimum 2: Add two products into the cart Example $50 + $300 3: Apply the fixed coupon. 4: Remove the $300 product. Observe that the price is no...
YXcms1.2.7 刷账户预存款余额
简要描述: YXcms1.2.7 刷账户预存款余额 详细说明: 问题存在于protested/apps/member/controller/shopcarController.php 只判断了数目不能为负,但没有判断价格不能为负。 访问链接http://127.0.0.1/YXcmsApp1.2.7/index.php?r=member/shopcar/caradd post: 'code' = int 1 'name' = int 1 'price' = float -100 'num' = int 1 就向购物车里塞了一个负数价格的商品。 生成订单然后支付,就可以刷余额了。...