CVE-2026-30576

| EUVD-2026-16708 HIGH
2026-03-27 mitre GHSA-5jg4-m9rh-fp8f
7.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

4
PoC Detected
Mar 31, 2026 - 16:14 vuln.today
Public exploit code
Analysis Generated
Mar 27, 2026 - 16:45 vuln.today
EUVD ID Assigned
Mar 27, 2026 - 16:45 euvd
EUVD-2026-16708
CVE Published
Mar 27, 2026 - 00:00 nvd
HIGH 7.5

Tags

PHP Information Disclosure

Description

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption of financial records, allowing attackers to manipulate inventory asset values and procurement costs.

Analysis

Pharmacy Product Management System 1.0 fails to validate financial input parameters in the add-stock.php file, permitting attackers to submit negative values for product prices and total costs. This business logic vulnerability corrupts financial records and allows manipulation of inventory asset valuations and procurement cost tracking. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

58
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +38
POC: +20

Share

CVE-2026-30576 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy