Element InstantShop, http://www.element.be is vulnerable to price modification. A malicious user could modify the pricing information before submitting the order form.
The following is a sample of HTML from a InstantShop order form;
Saving the web page locally then editing the "price" field a malicious user could purchase products for much less than their market value or for zero and negative values.
The vendor has been notified but no patch information has been released.