Tag
A critical SQL injection vulnerability (CVE-2026-14744) has been found in code-projects Real State Services version 1.0. The flaw resides in an unknown function within the /normalHomeRent.php file, where manipulating the 'loc' argument allows for remote SQL injection, and a public exploit has been released, posing an immediate threat to affected systems.