Tag
A high-severity SQL injection vulnerability (CVE-2026-14746) exists in code-projects Real State Services 1.0, specifically in the `/addprojectrent.php` file, where the `amen` argument can be manipulated to execute arbitrary SQL commands, enabling remote attackers to achieve unauthorized data access or modification, with public exploit disclosure increasing the risk of active exploitation.