10 matches found
CVE-2026-30574
CVE-2026-30574 affects SourceCodester Pharmacy Product Management System 1.0, in the add-sales.php logic. The vulnerability arises because the application does not verify whether the requested sales quantity (txtqty) exceeds the available stock, enabling an attacker to request a quantity far beyo...
EUVD-2024-51975
Malicious code in bioql PyPI...
CVE-2024-53476
A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests from multiple accounts for the same product. This can lead to overselling when stock is limited, as t...
PT-2024-35754 · Unknown · Simplcommerce
Name of the Vulnerable Software and Affected Versions: SimplCommerce version 230310c8d7a0408569b292c5a805c459d47a1d8f
Description: A race condition issue in the checkout logic allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests from multiple accounts f...
TokenInLimit can be set higher than what the contract has to sell
Lines of code
Vulnerability details
Impact: If totalTokenOutBought > tokenOut.balanceOf(address(this)), all tokens will be unclaimable and all funds would be lost.
Proof of Concept: TokenInLimit can be set arbitrarily high even if the contract doesn't have enough tokens to sell. Then users can buy more...
TokenInLimit can be set arbitrarily high even if the contract doesn't have enough tokens to sell.
Lines of code
Vulnerability details
Impact: If totalTokenOutBought > tokenOut.balanceOf(address(this)), the finalize function will forever revert and no-one will be able to claim their bought tokens.
Proof of Concept: TokenInLimit can be set arbitrarily high even if the contract doesn't have enough tokens...