CVE-2026-30576
HIGH SEVERITYCVSS Score & Metrics
Base Score
7.5 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Description
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption of financial records, allowing attackers to manipulate inventory asset values and procurement costs.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-20
Source
NVD
Vendor
senior-walter
Product
web-based_pharmacy_product_management_system
Discussion (0)
Add Comment
No comments yet. Be the first!