CVE-2026-30574

High CVSS: 7.5

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity (txtqty) exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is significantly higher than the actual available stock.

Vendor

Senior-walter

Product

Web-based Pharmacy Product Management System

CWE

CWE-841

Yayın Tarihi

2026-03-27 17:16:28

Güncelleme

2026-03-31 18:03:28

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-841 Web-based Pharmacy Product Management System HIGH Senior-walter 2026

Referanslar

https://github.com/meifukun/Web-Security-PoCs/blob/main/Pharmacy-Product-Management-System/Logic-AddSales-Overselling.md

Benzer Kayıtlar

High

CVE-2026-30573

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is loc…

High

CVE-2026-30576

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file…

High

CVE-2026-30575

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file…

Medium

CVE-2026-3766

A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an…

Low

CVE-2026-3401

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unkno…

Medium

CVE-2025-14206

A vulnerability was determined in SourceCodester Online Student Clearance System 1.0. The affected element is an unknown…