CVE Details
Basic Information
| Title | code-projects Modern Bag slide.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-13T00:02:05.664Z |
| Modified | 2025-07-13T00:02:05.664Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Modern Bag |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in Modern Bag 1.0, specifically within the slide.php file. This vulnerability allows remote attackers to inject malicious SQL code via the idSlide parameter, potentially leading to unauthorized data access or modification. |
|---|---|
| AI Severity | Medium |
| AI Vendor | code-projects |
| AI Product | Modern Bag |
| AI Version | 1.0 |
Affected Products
- code-projects Modern Bag 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /admin/slide.php. The manipulation of the argument idSlide leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.