Title: Bdtask Bhojon All-In-One Restaurant Management System latest Business Logic Errors Description: - A severe Checkout Price Manipulation vulnerability lets attacker bypass complete payment, manipulate VAT and fees, place fraudulent orders, and mass-exploit through automated scripts or bots by sending falsified pricing fields. - Backend fails to validate, recalculate, or enforce integrity checks on pricing fields. - This leads to significant revenue loss for businesses using the platform. Source: https://github.com/4m3rr0r/PoCVulDb/issues/13 User: 4m3rr0r (UID 85795) Submission Date: 01/16/2026 11:34 AM Moderation Date: 01/29/2026 09:44 AM Status: Accepted VulDB Entry: 343361 Points: 20 Vulnerable Endpoint: /hungry/placeorder Vulnerable Fields: orggrandTotal, vat, service_charge, grandtotal