CVE-2026-30575

High CVSS: 7.5

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the inventory level instead of increasing it, leading to inventory corruption and potential Denial of Service by depleting stock records.

Vendor

Senior-walter

Product

Web-based Pharmacy Product Management System

CWE

CWE-20

Yayın Tarihi

2026-03-27 17:16:28

Güncelleme

2026-03-31 17:59:06

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-20 Web-based Pharmacy Product Management System HIGH Senior-walter 2026

Referanslar

https://github.com/meifukun/Web-Security-PoCs/blob/main/Pharmacy-Product-Management-System/Logic-AddStock-NegativeQty.md

Benzer Kayıtlar

High

CVE-2026-30573

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is loc…

High

CVE-2026-30576

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file…

High

CVE-2026-30574

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file…

Medium

CVE-2026-3766

A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an…

Low

CVE-2026-3401

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unkno…

Medium

CVE-2025-14206

A vulnerability was determined in SourceCodester Online Student Clearance System 1.0. The affected element is an unknown…