CVE-2026-14701
5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Summary
A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| code-projects | Internship Management System | 1.0 | affected |
Weaknesses
- CWE-89: SQL Injection
- CWE-74: Injection
References
- https://vuldb.com/vuln/376297
- https://vuldb.com/vuln/376297/cti
- https://vuldb.com/cve/CVE-2026-14701
- https://vuldb.com/submit/846890
- https://github.com/zzzxc643/CVE1/blob/main/assessment/vul8.md
- https://code-projects.org/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.