Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
SourceCodester Pharmacy Management System: Uncontrolled Sales Quantity
CVE-2026-5812
Summary
The SourceCodester Pharmacy Product Management System 1.0 has a security issue that can be exploited remotely. An attacker can manipulate sales quantities, potentially causing unintended business logic errors. We recommend updating to a fixed version or seeking support from the software provider.
Original title
A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This affects an unknown part of the file add-sales.php of the component POST Parameter Handler. Perform...
Original description
A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This affects an unknown part of the file add-sales.php of the component POST Parameter Handler. Performing a manipulation of the argument txtqty results in business logic errors. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
5.5
nvd CVSS3.1
5.4
nvd CVSS4.0
5.3
Vulnerability type
CWE-840
Published: 8 Apr 2026 · Updated: 8 Apr 2026 · First seen: 8 Apr 2026