Researcher from CVE Assignment Team
#35032 of 53,608
7.5 Total CVSS
Vulnerabilities · 1
PT-2018-18617
7.5
2018-03-19
Yxcms · Yxcms · CVE-2018-8761
**Name of the Vulnerable Software and Affected Versions**

Yxcms building system (compatible cell phone) version 1.4.7

**Description**

The issue is related to a logic flaw in the `shopcarController.php` file, which allows attackers to modify prices by analyzing data from packet captures before form submission.

**Recommendations**

For version 1.4.7, consider implementing input validation and sanitization to prevent unauthorized price modifications. As a temporary workaround, restrict access to the `shopcarController.php` file to minimize the risk of exploitation.