PT-2026-29535 · Sourcecodester · Pharmacy Product Management System
Published
2026-04-01
·
Updated
2026-04-01
·
CVE-2026-30573
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
SourceCodester Pharmacy Product Management System version 1.0
Description
A business logic flaw exists in the add-sales.php file of the application. The application does not validate the
txtprice and txttotalcost parameters, allowing submission of negative values. This can result in incorrect financial calculations, corrupted sales reports, and potential financial loss.Recommendations
Ensure proper validation of the
txtprice and txttotalcost parameters to prevent negative values from being submitted.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pharmacy Product Management System