High severity7.5NVD Advisory· Published Jan 23, 2017· Updated May 13, 2026

CVE-2015-4626

Description

B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft.

Affected products

Treasuryxpress/C2box
cpe:2.3:a:treasuryxpress:c2box:*:*:*:*:*:*:*:*
Range: <=4.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/136450/C2Box-4.0.0-r19171-Validation-Bypass.htmlnvdExploitThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000