SQL Injection Vulnerability in Modern Bag by Code-Projects
CVE-2025-7508

7.3HIGH

Key Information:

Vendor: Code-Projects
Status: Modern Bag
Vendor: CVE Published:; 13 July 2025

🔔 Create Code-Projects Vulnerability Alert

What is CVE-2025-7508?

A vulnerability has been identified in Modern Bag version 1.0, where the file '/admin/product-update.php' is susceptible to SQL injection due to improper validation of the 'idProduct' parameter. This flaw allows attackers to manipulate database queries, potentially gaining unauthorized access to sensitive information. The vulnerability is exploitable remotely, making it a significant risk. Public disclosure of the exploit means that proactive measures must be taken to secure affected systems immediately.

References

https://code-projects.org/

https://github.com/chipower777/cve/issues/1

https://vuldb.com/?ctiid.316190

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 13, 2025