Skip to content
Threat Feed

Product

Real State Services 1.0

7 briefs RSS
high advisory

CVE-2026-14769 — SQL Injection in code-projects Real State Services 1.0

A critical security vulnerability, CVE-2026-14769, allows for remote SQL Injection in code-projects Real State Services 1.0 via the 'Bankname' argument in the '/pay.php' file, with a publicly disclosed exploit enabling information disclosure and potential data manipulation.

Real State Services 1.0 sql-injection web-vulnerability cve data-exfiltration
1r 3t 1c 6i
high advisory

CVE-2026-14768: Remote SQL Injection in code-projects Real State Services 1.0

A remote SQL injection vulnerability (CVE-2026-14768) has been identified in code-projects Real State Services 1.0, allowing attackers to exploit the 'loc' argument in '/builderHome.php' for arbitrary SQL command execution, with a public exploit available.

Real State Services 1.0 web-vulnerability sql-injection php cve
1r 1t 1c
high advisory

CVE-2026-14747: SQL Injection in code-projects Real State Services 1.0

A high-severity SQL Injection vulnerability, CVE-2026-14747, exists in the /addprojectsale.php file of code-projects Real State Services 1.0, allowing remote unauthenticated attackers to manipulate the 'amen' argument for arbitrary SQL query execution, leading to data compromise or unauthorized access.

Real State Services 1.0 sql-injection web-exploitation cve php real-state
1r 1t 1c
high threat

CVE-2026-14746: SQL Injection in code-projects Real State Services

A high-severity SQL injection vulnerability (CVE-2026-14746) exists in code-projects Real State Services 1.0, specifically in the `/addprojectrent.php` file, where the `amen` argument can be manipulated to execute arbitrary SQL commands, enabling remote attackers to achieve unauthorized data access or modification, with public exploit disclosure increasing the risk of active exploitation.

exploited Real State Services 1.0 sql-injection web-vulnerability cve webserver public-exploit
1r 1t 1c
high advisory

CVE-2026-14745: SQL Injection in code-projects Real State Services

A critical SQL injection vulnerability (CVE-2026-14745) affecting code-projects Real State Services version 1.0 allows remote, unauthenticated attackers to execute arbitrary SQL commands by manipulating the 'ID' argument in the '/single-list_rent.php' file, potentially leading to data exposure, unauthorized modification, or denial of service, with a public exploit available.

Real State Services 1.0 web-vulnerability sql-injection cve real-estate vulnerability
1r 3t 1c
high advisory

CVE-2026-14744: Remote SQL Injection in code-projects Real State Services 1.0

A critical SQL injection vulnerability (CVE-2026-14744) has been found in code-projects Real State Services version 1.0. The flaw resides in an unknown function within the /normalHomeRent.php file, where manipulating the 'loc' argument allows for remote SQL injection, and a public exploit has been released, posing an immediate threat to affected systems.

Real State Services 1.0 web-exploitation sql-injection cve-2026-14744 initial-access data-exfiltration
1r 4t 1c 6i
high advisory

CVE-2026-14743: Remote SQL Injection in code-projects Real State Services 1.0

A high-severity remote SQL injection vulnerability (CVE-2026-14743) in code-projects Real State Services 1.0 allows an unauthenticated attacker to manipulate the 'loc' argument in the `/normalHomeSale.php` file, leading to arbitrary SQL command execution and potential compromise of confidentiality, integrity, and availability of data, with an exploit publicly available.

Real State Services 1.0 sql-injection webserver vulnerability cve
1r 2t 1c