{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/online-voting-system-0.x/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-14648"}],"_cs_exploited":true,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Online Voting System (0.x)","Online Voting System (1.0)"],"_cs_severities":["high"],"_cs_tags":["sql-injection","webserver","vulnerability","cve"],"_cs_type":"threat","_cs_vendors":["code-projects"],"content_html":"\u003cp\u003eA significant security vulnerability, CVE-2026-14648, has been identified in the code-projects Online Voting System, affecting all versions up to and including 0.x and 1.0. This critical flaw stems from improper input neutralization within the \u003ccode\u003etest_input\u003c/code\u003e function in the \u003ccode\u003e/authentication.php\u003c/code\u003e file, specifically impacting the login component's handling of \u003ccode\u003eadminUserName\u003c/code\u003e and \u003ccode\u003eadminPassword\u003c/code\u003e arguments. Remote attackers can leverage this SQL injection to bypass authentication and potentially manipulate the underlying database. The vulnerability has been publicly disclosed, with a CVSS v3.1 base score of 7.3 (HIGH), indicating a high potential for in-the-wild exploitation. Defenders should prioritize patching and implement robust web application security measures to mitigate the risk posed by this easily exploitable flaw.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies an instance of the vulnerable code-projects Online Voting System accessible over the internet.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP POST request targeting the \u003ccode\u003e/authentication.php\u003c/code\u003e endpoint on the exposed server.\u003c/li\u003e\n\u003cli\u003eWithin the POST request, the attacker embeds SQL injection payloads into the \u003ccode\u003eadminUserName\u003c/code\u003e or \u003ccode\u003eadminPassword\u003c/code\u003e parameters, such as \u003ccode\u003e' OR '1'='1'--\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003etest_input\u003c/code\u003e function within \u003ccode\u003e/authentication.php\u003c/code\u003e processes the attacker's unsanitized input.\u003c/li\u003e\n\u003cli\u003eThe unsanitized input is directly concatenated into an SQL query, leading to the execution of attacker-controlled SQL commands within the application's database context.\u003c/li\u003e\n\u003cli\u003eSuccessful SQL injection bypasses the login authentication mechanism, granting the attacker unauthorized access to the Online Voting System, potentially as an administrator.\u003c/li\u003e\n\u003cli\u003eWith administrative access, the attacker can then exfiltrate sensitive user data, manipulate election results, deface the application, or establish further persistence.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-14648 allows remote, unauthenticated attackers to gain unauthorized administrative access to the Online Voting System. This can lead to severe consequences, including the exfiltration of sensitive voter data (e.g., personal identifiable information), manipulation of election outcomes, system defacement, or complete compromise of the underlying database. The public disclosure of the exploit significantly increases the risk of widespread attacks against unpatched systems, potentially affecting government entities, educational institutions, or any organization utilizing this voting system.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately patch the code-projects Online Voting System to a version that addresses CVE-2026-14648.\u003c/li\u003e\n\u003cli\u003eDeploy a Web Application Firewall (WAF) in front of internet-facing instances of the Online Voting System to filter and block malicious SQL injection attempts.\u003c/li\u003e\n\u003cli\u003eEnable comprehensive web server access logging and audit logs for the Online Voting System to monitor for suspicious requests to \u003ccode\u003e/authentication.php\u003c/code\u003e containing SQL metacharacters, correlating with the Sigma rule.\u003c/li\u003e\n\u003cli\u003eDeploy the provided Sigma rule to detect attempts to exploit CVE-2026-14648 in your environment.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-04T20:20:22Z","date_published":"2026-07-04T20:20:22Z","id":"https://feed.craftedsignal.io/briefs/2026-07-code-projects-voting-system-sqli/","summary":"A high-severity SQL injection vulnerability, identified as CVE-2026-14648, exists in the code-projects Online Voting System up to versions 0.x/1.0, allowing remote unauthenticated attackers to bypass authentication and execute arbitrary SQL commands by manipulating `adminUserName` or `adminPassword` parameters in the `/authentication.php` login component, with public exploit details increasing the risk of active exploitation.","title":"CVE-2026-14648: Remote SQL Injection in code-projects Online Voting System","url":"https://feed.craftedsignal.io/briefs/2026-07-code-projects-voting-system-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed - Online Voting System (0.x)","version":"https://jsonfeed.org/version/1.1"}