CVE Catalog

CVE-2026-14660

HighCVSS 7.3
Published: Translated: NVD NIST

Summary

A vulnerability was found in Online Job Portal 1.0, specifically in the login.php file. An unknown function allows manipulation of the txtUser and txtPass arguments, leading to SQL injection. The attack can be performed remotely and the exploit has been made public.

Risk Assessment

An attacker can gain unauthorized access to the database, steal user credentials, or modify portal content, compromising the confidentiality and integrity of the system.

Recommendation

Immediately update the system to the latest version or apply a security patch. In the meantime, implement input validation and use prepared statements in the login.php file.

Original NVD description (English source)

A vulnerability was found in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file login.php. Performing a manipulation of the argument txtUser/txtPass results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS