| 제목 | SourceCodester Pharmacy Product Management System 1.0 Business Logic Errors |
|---|
| 설명 | A business logic vulnerability exists in Pharmacy Product Management System 1.0. The vulnerability is located in the file add-sales.php. The application fails to validate the 'txtqty' POST parameter, allowing an authenticated attacker to submit negative integers. This results in the artificial inflation of stock levels because the system subtracts the negative sales quantity from the current inventory, effectively adding to it. |
|---|
| 원천 | ⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Pharmacy-Product-Management-System/Logic-AddSales-NegativeQty.md |
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2026. 03. 25. AM 03:18 (17 날 ago) |
|---|
| 모더레이션 | 2026. 04. 08. PM 05:22 (15 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 356260 [SourceCodester Pharmacy Product Management System 1.0 POST Parameter add-sales.php txtqty] |
|---|
| 포인트들 | 20 |
|---|