14 matches found

EUVD
added 2026/03/27 6:31 p.m. · 1 view

EUVD-2026-16706

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity txtqty exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is...

CVSS 7.5 · AI score 5.9 · EPSS 0.00055
Exploits: 1 · References: 2

Vulnrichment
added 2026/03/27 12:0 a.m. · 0 views

CVE-2026-30574

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity txtqty exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is...

AI score 5.9 · EPSS 0.00055
Exploits: 1 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-15023

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 9.2 · EPSS 0.00269
Exploits: 0 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2024-47275

Malicious code in bioql PyPI...

CVSS 6.9 · AI score 5.6 · EPSS 0.00137
Exploits: 1 · References: 4

RedhatCVE
added 2025/05/23 9:22 a.m. · 2 views

CVE-2024-6128

A vulnerability, which was classified as problematic, has been found in spa-cartcms 1.9.0.6. This issue affects some unknown processing of the file /checkout of the component Checkout Page. The manipulation of the argument quantity with the input -10 leads to enforcement of behavioral workflow. T...

CVSS 6.9 · AI score 7.2 · EPSS 0.00137
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 8:32 a.m. · 4 views

CVE-2024-50968

A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the...

CVSS 7.5 · AI score 6.9 · EPSS 0.09011
Exploits: 1 · References: 1

Cvelist
added 2025/05/01 11:11 a.m. · 13 views

CVE-2025-3889 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference via 'quantity'

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the 'processpaymentdata' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to change the...

CVSS 5.3 · EPSS 0.00269
Exploits: 0 · References: 5

Positive Technologies
added 2025/05/01 12:0 a.m. · 4 views

PT-2025-18383 · WordPress · Wordpress Simple Shopping Cart

Name of the Vulnerable Software and Affected Versions: WordPress Simple Shopping Cart plugin versions up to, and including, 5.1.3 Description: The issue allows unauthenticated attackers to manipulate the quantity of a product to a negative number, effectively subtracting the product cost from the...

CVSS 5.3 · AI score 9.3 · EPSS 0.00269
Exploits: 0 · References: 11

OSV
added 2024/11/14 10:15 p.m. · 4 views

CVE-2024-50968

A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the...

CVSS 7.5 · AI score 5.8 · EPSS 0.09011
Exploits: 1 · References: 1

CNNVD
added 2024/11/14 12:0 a.m. · 1 view

itsourcecode Agri-Trading Online Shopping System Security Vulnerability

itsourcecode Agri-Trading Online Shopping System is an open source online shopping system by itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Agri-Trading Online Shopping System. An attacker can exploit this vulnerability to manipulate the quant parameter when adding...

CVSS 7.5 · AI score 6.7 · EPSS 0.09011
Exploits: 1 · References: 2

Positive Technologies
added 2024/11/14 12:0 a.m. · 2 views

PT-2024-34477 · Itsourcecode · Itsourcecode Agri-Trading Online Shopping System

Name of the Vulnerable Software and Affected Versions: itsourcecode Agri-Trading Online Shopping System version 1.0 Description: A business logic issue exists in the Add to Cart function, allowing remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the...

CVSS 7.5 · AI score 7.3 · EPSS 0.09011
Exploits: 1 · References: 6

OSV
added 2024/06/18 9:15 p.m. · 0 views

CVE-2024-6128

A vulnerability, which was classified as problematic, has been found in spa-cartcms 1.9.0.6. This issue affects some unknown processing of the file /checkout of the component Checkout Page. The manipulation of the argument quantity with the input -10 leads to enforcement of behavioral workflow. T...

CVSS 5.3 · AI score 5.3
Exploits: 0 · References: 4

CVE
added 2024/05/17 8:20 a.m. · 81 views

CVE-2024-30527

CVE-2024-30527 affects WordPress WP Express Checkout (Accept PayPal Payments) plugin up to version 2.3.7. An improper validation of the specified quantity in input allows manipulating hidden fields during checkout, enabling price manipulation. Mitigation: upgrade to a version later than 2.3.7 (pa...

CVSS 7.5 · AI score 6.8 · EPSS 0.00512
Exploits: 0 · References: 1

Positive Technologies
added 2024/03/03 12:0 a.m. · 2 views

PT-2024-18924 · Sourcecodester · Sourcecodester Online Mobile Management Store

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Mobile Management Store version 1.0 Description: A problematic vulnerability was found in the component Product Price Handler of the SourceCodester Online Mobile Management Store. The manipulation of the quantity argumen...

CVSS 5.3 · AI score 7.3 · EPSS 0.00089
Exploits: 1 · References: 7