Product
A critical SQL injection vulnerability (CVE-2026-14660) exists in code-projects Online Job Portal version 1.0, specifically within the 'login.php' file, allowing remote attackers to bypass authentication or exfiltrate data by manipulating 'txtUser' and 'txtPass' arguments, with a public exploit increasing immediate risk.