Submission #824148: SourceCodester Pharmacy Sales and Inventory System 1.0 Information Disclosure

Title: SourceCodester Pharmacy Sales and Inventory System 1.0 Information Disclosure
Description: A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. It has been rated as critical. Affected by this issue is the function sell_statement of the file application/controllers/ShowForm.php. The authentication check in the sell_statement method uses the wrong logical operator (`||`), which turns it into a broken access control vulnerability (authentication bypass): `if ($this->session->userdata('username') != '' || $this->session->userdata('username') != 'staff')`. Because no value can equal both '' and 'staff' at the same time, at least one side of the OR is always true, so the condition evaluates to TRUE regardless of whether the user is authenticated. As a result, unauthenticated attackers can request the sales statement page directly and view all sales records without any login credentials. The same flawed logic is also present in the supplier_payment method (line 165), allowing unauthorized access to supplier payment records. Successful exploitation exposes sensitive business and financial information, including sales dates, invoice numbers, medicine names, unit prices, quantities sold, total amounts, discount amounts, and actual revenue received, which can lead to competitive disadvantage, financial fraud, and regulatory compliance violations. The vulnerability can be exploited remotely without user interaction or authentication; attack complexity is low and no privileges are required.
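The predicate quoted above, evaluated against a few session states next to a corrected form, as an added example; this is not code from the project or from the reporter. It uses a small stand-in for CodeIgniter's `$this->session->userdata()` so it runs from the PHP CLI (PHP 8 or later), the session values are constructed, and the hardened variant assumes the intended policy is "logged in and not a staff account" (the AND reading of the same two clauses), which the page does not state; the same replacement would have to be applied in supplier_payment as well.

```php
<?php
// Added example, not code from the Pharmacy Sales and Inventory System.
// Minimal stand-in for CodeIgniter's $this->session->userdata() so the
// check can be run from the CLI:  php authz_check.php
final class FakeSession
{
    public function __construct(private array $data) {}

    public function userdata(string $key): mixed
    {
        return $this->data[$key] ?? null;   // CodeIgniter returns NULL for unset keys
    }
}

// Vulnerable predicate, as reported for sell_statement() / supplier_payment():
// a value cannot be both '' and 'staff', so one side of the OR is always true.
function vulnerable_allows(FakeSession $session): bool
{
    return $session->userdata('username') != ''
        || $session->userdata('username') != 'staff';
}

// Hardened predicate (assumption: the reports are meant to be reachable only
// by an authenticated user who is not the staff account, i.e. the AND reading
// of the same two clauses). Strict comparison avoids loose-equality surprises
// such as NULL == ''.
function hardened_allows(FakeSession $session): bool
{
    $username = $session->userdata('username');
    return is_string($username)
        && $username !== ''
        && $username !== 'staff';
}

// Constructed session states: anonymous, empty name, staff, admin.
$cases = [
    'no session' => new FakeSession([]),
    'empty name' => new FakeSession(['username' => '']),
    'staff user' => new FakeSession(['username' => 'staff']),
    'admin user' => new FakeSession(['username' => 'admin']),
];

foreach ($cases as $label => $session) {
    printf("%-11s vulnerable=%-5s hardened=%s\n",
        $label,
        var_export(vulnerable_allows($session), true),
        var_export(hardened_allows($session), true));
}
```

Running it shows `vulnerable=true` for every row, including the anonymous session, while the hardened check admits only the authenticated non-staff user. Note that the controller in question keys the decision on the username string alone; a role or level stored separately in the session, checked with `===` against an allow-list, would be the more robust policy, but that is a design change beyond the operator fix described in the report.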
Source: https://github.com/timeflies123/cve/issues/7
User: timeflies (UID 97515)
Submission: 09/05/2026 10:07 (26 days ago)
Moderation: 31/05/2026 14:32 (22 days later)
Status: Accepted
VulDB Entry: 367533 [SourceCodester Pharmacy Sales and Inventory System 1.0 ShowForm.php sell_statement privilege escalation]
Points: 20
