Is PHP affected by EUVD-2026-16707?

CVE-2026-30575 presents notable security risk, a input validation vulnerability rated CVSS 7.5. Exploitation could compromise the security of affected deployments. Proof-of-concept code is publicly available, increasing the risk of exploitation.

EUVD-2026-16707

| CVE-2026-30575 HIGH

2026-03-27 mitre

GHSA-jxwm-85rg-xjq8

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

PoC Detected

Mar 31, 2026 - 17:59 vuln.today

Public exploit code

Analysis Generated

Mar 27, 2026 - 17:15 vuln.today

EUVD ID Assigned

Mar 27, 2026 - 17:15 euvd

EUVD-2026-16707

CVE Published

Mar 27, 2026 - 00:00 nvd

HIGH 7.5

Description

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the inventory level instead of increasing it, leading to inventory corruption and potential Denial of Service by depleting stock records.

Analysis

Inventory depletion in SourceCodester Pharmacy Product Management System 1.0 allows remote attackers to corrupt stock records by submitting negative values through the add-stock.php 'txtqty' parameter, causing the system to decrease inventory instead of increasing it and enabling denial of service via stock exhaustion. Publicly available exploit code exists demonstrating this business logic flaw, and the affected product lacks CVSS severity quantification despite the demonstrated impact on system integrity and availability.

Remediation

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: +20

EUVD-2026-16707 vulnerability details – vuln.today

Back

EUVD-2026-16707

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-16707

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code