CVE-2025-61546 | THREATINT

Description

There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible due to reliance on client-side input validation controls.

PUBLISHED Reserved 2025-09-26 | Published 2026-01-08 | Updated 2026-01-13 | Assigner mitre

References

github.com/...erability-disclosures/tree/main/CVE-2025-61546

cve.org (CVE-2025-61546)

nvd.nist.gov (CVE-2025-61546)

Download JSON