Tag
A critical SQL injection vulnerability (CVE-2026-14745) affecting code-projects Real State Services version 1.0 allows remote, unauthenticated attackers to execute arbitrary SQL commands by manipulating the 'ID' argument in the '/single-list_rent.php' file, potentially leading to data exposure, unauthorized modification, or denial of service, with a public exploit available.