A SQL injection vulnerability was discovered in projectworlds Online Art Gallery Shop version 1.0. The vulnerability affects the Registration Handler component, specifically in the /admin/registration.php file through manipulation of the 'fname' parameter. The attack can be launched remotely and exploits have been made publicly available. This allows attackers to potentially access, modify, or extract sensitive data from the application's database through malicious SQL queries.