6 matches found
CVE-2025-7471 code-projects Modern Bag login-back.php sql injection
A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login-back.php. The manipulation of the argument user-name leads to sql injection. The attack can be launched remotely. The...
CVE-2025-7471 code-projects Modern Bag login-back.php sql injection
A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login-back.php. The manipulation of the argument user-name leads to sql injection. The attack can be launched remotely. The...
CVE-2025-7467 code-projects Modern Bag product-detail.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /product-detail.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2025-7461
CVE-2025-7461 affects code-projects Modern Bag 1.0, specifically the file /action.php. The vulnerability arises from improper validation of the proId parameter, enabling SQL injection and potentially allowing remote exploitation. Multiple connected sources confirm this SQLi in an unknown/unspecif...
PT-2025-29351 · Unknown · Modern Bag
Name of the Vulnerable Software and Affected Versions: Modern Bag version 1.0 Description: A critical vulnerability exists due to a SQL injection flaw in the /admin/product-update.php file. The idProduct argument is susceptible to manipulation, potentially allowing for remote attacks. The exploit...
CVE-2025-2385 code-projects Modern Bag login.php sql injection
A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument userEmail/userPassword leads to sql injection. The attack can be initiated remotely. The exploit has been...