A SQL injection vulnerability has been discovered in projectworlds Online Art Gallery Shop version 1.0. The vulnerability affects an unknown functionality in the file /?pass=1 where manipulation of the argument 'fnm' leads to SQL injection. The attack can be launched remotely and the exploit has been publicly released, making it available for potential attacks. This vulnerability poses a high risk due to the public availability of the exploit code.