A vulnerability, which was classified as critical, was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/my_account.php?edit_account. Such manipulation of the argument c_name leads to sql injection.
This vulnerability is traded as CVE-2026-14639. The attack may be launched remotely. Furthermore, there is an exploit available.