CVE-2026-14649

Summary

A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function test_input of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely.

Affected Software

VendorProductVersion RangeStatus
code-projectsOnline Voting System1.0affected

Weaknesses

  • CWE-89: SQL Injection
  • CWE-74: Injection

References