CVE-2026-14648

Summary

A security vulnerability has been detected in code-projects Online Voting System up to 0.x/1.0. This issue affects the function test_input of the file /authentication.php of the component Login. Such manipulation of the argument adminUserName/adminPassword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

Affected Software

VendorProductVersion RangeStatus
code-projectsOnline Voting System0.*affected
code-projectsOnline Voting System1.0affected

Weaknesses

  • CWE-89: SQL Injection
  • CWE-74: Injection

References