Vulnerability Details CVE-2026-30574
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity (txtqty) exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is significantly higher than the actual available stock.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.1%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-30574
-
cpe:2.3:a:senior-walter:web-based_pharmacy_product_management_system:1.0