{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/online-job-portal-1.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-14660"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Online Job Portal 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","cve","initial-access"],"_cs_type":"advisory","_cs_vendors":["code-projects"],"content_html":"\u003cp\u003eA significant SQL injection vulnerability, tracked as CVE-2026-14660, has been identified in version 1.0 of the code-projects Online Job Portal. This flaw resides within the \u003ccode\u003elogin.php\u003c/code\u003e file, where improper neutralization of special elements in the \u003ccode\u003etxtUser\u003c/code\u003e and \u003ccode\u003etxtPass\u003c/code\u003e arguments allows for SQL injection. Attackers can remotely exploit this weakness without authentication, manipulating the database queries to bypass login mechanisms or extract sensitive information. The vulnerability has been publicly disclosed, including the availability of exploit code, which significantly elevates the immediate threat level. Organizations using this specific version of the Online Job Portal are at high risk of unauthorized access, data compromise, and potential system manipulation if exposed to the internet.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eInitial Reconnaissance\u003c/strong\u003e: An attacker identifies an instance of \u003ccode\u003ecode-projects Online Job Portal 1.0\u003c/code\u003e exposed on the internet.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVulnerability Identification\u003c/strong\u003e: The attacker determines that the \u003ccode\u003elogin.php\u003c/code\u003e endpoint is vulnerable to SQL injection through its \u003ccode\u003etxtUser\u003c/code\u003e and \u003ccode\u003etxtPass\u003c/code\u003e parameters.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCraft Malicious Request\u003c/strong\u003e: The attacker crafts an HTTP POST request targeting \u003ccode\u003elogin.php\u003c/code\u003e, embedding SQL injection payloads (e.g., \u003ccode\u003e' OR '1'='1\u003c/code\u003e) into the \u003ccode\u003etxtUser\u003c/code\u003e and/or \u003ccode\u003etxtPass\u003c/code\u003e fields.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eInjection Execution\u003c/strong\u003e: The vulnerable \u003ccode\u003elogin.php\u003c/code\u003e script processes the unvalidated input, inadvertently executing the malicious SQL query against the underlying database.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Bypass/Information Disclosure\u003c/strong\u003e: The malicious query either bypasses the authentication logic, granting the attacker unauthorized access, or extracts sensitive database content (e.g., user credentials, personal data).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePost-Exploitation Activity\u003c/strong\u003e: With unauthorized access, the attacker can then modify existing data, inject new data, or continue to exfiltrate further sensitive information from the database, potentially leading to complete data compromise.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-14660 can lead to severe consequences for organizations utilizing the affected Online Job Portal. Attackers can achieve unauthorized access to the application, potentially gaining administrative privileges, which allows for complete control over user accounts, job postings, and applicant data. This could result in the theft of sensitive personal identifiable information (PII), intellectual property, or confidential business data. The public availability of an exploit increases the likelihood of widespread exploitation by various threat actors, potentially affecting a broad range of small to medium-sized organizations using this specific project. Data manipulation could also lead to data integrity issues or service disruption.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePatch CVE-2026-14660 immediately\u003c/strong\u003e by upgrading \u003ccode\u003ecode-projects Online Job Portal\u003c/code\u003e to a patched version or applying vendor-supplied mitigations, as highlighted in the NVD entry and VulDB references.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeploy the provided Sigma rule\u003c/strong\u003e to your SIEM to detect attempts at SQL injection against your web applications.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReview web server logs\u003c/strong\u003e for suspicious requests targeting \u003ccode\u003elogin.php\u003c/code\u003e with SQL injection payloads, correlating with the patterns described in the detection rule.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImplement a Web Application Firewall (WAF)\u003c/strong\u003e in front of your Online Job Portal to filter and block malicious SQL injection attempts before they reach the application.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-04T23:20:30Z","date_published":"2026-07-04T23:20:30Z","id":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14660-job-portal-sql-injection/","summary":"A critical SQL injection vulnerability (CVE-2026-14660) exists in code-projects Online Job Portal version 1.0, specifically within the 'login.php' file, allowing remote attackers to bypass authentication or exfiltrate data by manipulating 'txtUser' and 'txtPass' arguments, with a public exploit increasing immediate risk.","title":"CVE-2026-14660: SQL Injection in code-projects Online Job Portal 1.0","url":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14660-job-portal-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed - Online Job Portal 1.0","version":"https://jsonfeed.org/version/1.1"}