HIGH🇵🇱 Wersja polska

CVE-2026-30574

CVSS 7.5v3.1pub. 2026-03-27upd. 2026-03-31

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity (txtqty) exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is significantly higher than the actual available stock.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Senior Walter Web Based Pharmacy Product Management System

    APP
    Senior-Walter
    1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-30573HIGH7.5ten sam produkt

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerabil...

CVE-2026-30576HIGH7.5ten sam produkt

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stoc...

CVE-2026-30575HIGH7.5ten sam produkt

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stoc...

CVE-2025-63712HIGH8.8ten sam produkt

Cross-Site Request Forgery (CSRF) in SourceCodester Product Expiry Management System. The User Management modu...

CVE-2025-56274HIGH8.1ten sam produkt

SourceCodester Web-based Pharmacy Product Management System 1.0 is vulnerable to Incorrect Access Control, whi...