A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
2025-07-13T00:15:21.207
2025-07-15T17:48:17.227
Analyzed
CVSSv3.1: 7.3 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | code-projects | modern_bag | 1.0 | Yes |