Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption of financial records, allowing attackers to manipulate inventory asset values and procurement costs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SourceCodester Pharmacy Product Management System 安全漏洞
Vulnerability Description
SourceCodester Pharmacy Product Management System是SourceCodester开源的一个药品管理系统。 SourceCodester Pharmacy Product Management System 1.0版本存在安全漏洞,该漏洞源于add-stock.php文件在库存录入时未验证txtprice和txttotalcost参数,允许提交负财务值,可能导致财务记录损坏,使攻击者能够操纵库存资产价值和采购成本。
CVSS Information
N/A
Vulnerability Type
N/A