The application does not check the input of price number lead to Business Logic error through negative price amount.
Go to Product and Services area htdocs/product/index.php
Create a new or edit an item, insert a negative amount into Selling price
field.
Also in Billing and payment area andDonations area and maybe more
Business logic can have security flaws that allow a user to do something that isn’t allowed by the business, in business logic can be devastating to an entire application. They can be difficult to find automatically, since they typically involve legitimate use of the application’s functionality.