Product
A critical SQL injection vulnerability (CVE-2026-15137) has been identified in code-projects Interview Management System version 1.0, allowing remote unauthenticated attackers to manipulate the 'ID' argument in the '/inc/classes/View.php' file, leading to arbitrary SQL query execution and potential data compromise; a public exploit is available.