If you are playing on Minecraft' Bukkit multiplayer servers, you may've heard of a server-sided plugin called ChestShop. Maybe some of servers that you visit even use it. Now, a fact is, that it has a couple of bugs with different negative effects (from server balance point of view). Yes, that happens, plugins do have bugs sometimes. A problem is, that on many servers that I visited, administration would either ignore fact of there being something wrong, or even denying possibility of bugs existing - in both cases taking no steps to fix anything, even if given an explanation, how to.
So I'm publishing a list of bugs with more or less comprehensive information, including measures that need to be taken to exclude these.
Here's a video demonstration (with version 3.46) and a description of each bug pictured in video:

Field	Information
Delayed teleportation
Effect	Item duplication (appliable to any item, x2 at time)
Detection	No visible effect (also logging plugins will not display item copies being taken from chest), apart from people normally being simple enough to store stacks of duplicated items in same chest.
Replication	Create a ChestShop (sold item has no influence) Issue a delayed teleportation command, such as /tpa (other commands work if they have few seconds delay). Note that few conditions are to be met: You must be the only person around the area Teleportation must go outside the previously visible area (normally 250+ blocks away) These have to be done to ensure that the chunk gets unloaded (see explanation). Before teleportation happens, right-click your ChestShop sign to open it's contents. If previous steps are done correctly, chest interface shall remain open after teleporting. Moving items from chest to inventory will duplicate the items. Vice-versa will destroy the items.
Explanation	This is a long-lasting Bukkit bug, related to accessing container interfaces via API call (plugins). If the chunk gets unloaded while you are doing this, container will continue existing (java memory handling, you see) until UI screen drops the reference to it. Chest contents (in chunk) are not synced with this "floating" chest though.
Fixing	Open plugins/ChestShop/config.yml and change line saying ALLOW_SIGN_CHEST_OPEN: true to ALLOW_SIGN_CHEST_OPEN: false To note, it's pretty suprising, how many servers still have this available, despite of this bug being reported on every second ChestShop discussion page on Bukkit plugin directory.
Notes	It is also possible to do this with non-delayed teleportation by either having macros key mod, or any other means to send a chat packet while chest UI is open.
Exponential money
Effect	Possibility to create any amount of funds "out of thin air".
Detection	Clearly visible in server log as a normal ChestShop transaction message. Can be traced back to "source" user with simple text search. As well easily seen on sign, by strange third line contents.
Replication	Create a ChestShop with prices in third line (B # : S #) including numbers in exponential notation, e.g. 1e9 for 1 million (1 * 109). Amount can be negative too. When people buy/sell items from shop with said price notation mode, economy plugin will not check data appropriately, commonly paying one of recipients without taking funds from another. Especially if given a negative value (e.g. B -1e9 will grant costumer one million in-game currency for every item bought)
Explanation	Undefined. There's a suspect of some very sloppy coding in either ChestShop or commonly used economy plugins.
Fixing	Ability to set negative item prices is fixed as of 3.50t49
Anvil wizardry
Effect	Item duplication upon purchasing. Shop never runs out of stock.
Detection	Renamed / enchanced items in one or more ChestShops - commonly only few items are put in, as there is no need for larger quantities. Also can be seen in server log as purchase of too many items from the same shop.
Replication	Enchant an item, or rename it via use of anvil block. Place modified item into a ChestShop Item will count as shop stock, but will never be taken out of shop after purchase. Costumers will receieve normal items.
Explanation	In short, this is just an item comparison bug.
Fixing	Development versions of ChestShop larger than 3.46 kind of fix this, by not allowing to sell enchanted items at all. Doesn't look like a persistent solution.
Notes	Fun fact: I've found this bug while trying to do a small prank, by making a shop that sold renamed items, e.g. "Diamond" items renamed to "Coal" and other. Later it was spotted, that shops are at full stock, despite of people purchasing items periodically.
Air is free
Effect	Allows users to sell zero quantities of items.
Detection	If shop sells 0 items at once, a "ghostly" item stack will be created in player's inventory. Since item stack is zero size, it will disappear as soon as any operation is done about it (e.g. trying to drag it in inventory, drop, etc.) Some of items (such as potions, experience bottles, and mob eggs) can be still used while at zero quantity though, making this fairly exploitable.
Replication	Create a ChestShop with item quantity stated as 0
Explanation	Simple enough, of course there's enough items in chest to subtract no items from those.
Fixing	Ability to sell zero items is fixed as of 3.50t49
Notes	You can "sell" even items that you do not have. This is also the only way to sell air (nothing) in a shop.

Related posts:

• Minecraft: A small large bug in Lockette and LWC
• Minecraft: Shattered world (r1)
• Minecraft: Sometime, modding
• Minecraft: Automating creation with WorldEdit