CVE-2026-14660
HighCVSS 7.3Summary
A vulnerability was found in Online Job Portal 1.0, specifically in the login.php file. An unknown function allows manipulation of the txtUser and txtPass arguments, leading to SQL injection. The attack can be performed remotely and the exploit has been made public.
Risk Assessment
An attacker can gain unauthorized access to the database, steal user credentials, or modify portal content, compromising the confidentiality and integrity of the system.
Recommendation
Immediately update the system to the latest version or apply a security patch. In the meantime, implement input validation and use prepared statements in the login.php file.
Original NVD description (English source)
A vulnerability was found in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file login.php. Performing a manipulation of the argument txtUser/txtPass results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used.

