A vulnerability classified as problematic was found in SourceCodester Online Mobile Management Store 1.0. Affected by this vulnerability is an unknown functionality of the component Product Price Handler. The manipulation of the argument quantity with the input -1 leads to business logic errors. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-255583.
Weaknesses in this category identify some of the underlying problems that commonly allow attackers to manipulate the business logic of an application. Errors in business logic can be devastating to an entire application. They can be difficult to find automatically, since they typically involve legitimate use of the application's functionality. However, many business logic errors can exhibit patterns that are similar to well-understood implementation and design weaknesses.
| Link | Tags |
|---|---|
| https://vuldb.com/?id.255583 | third party advisory vdb entry technical description |
| https://vuldb.com/?ctiid.255583 | signature permissions required |
| https://github.com/vanitashtml/CVE-Dumps/blob/main/Business%20Logic%20in%20Mobile%20Management%20Store.md | third party advisory exploit |