A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function.
[
{
"cpes": [
"cpe:2.3:a:shopkit_project:shopkit:1.0:*:*:*:*:*:*:*"
],
"vendor": "shopkit_project",
"product": "shopkit",
"versions": [
{
"status": "affected",
"version": "1.0"
}
],
"defaultStatus": "unknown"
}
]