Tag
A high-severity SQL Injection vulnerability, CVE-2026-14747, exists in the /addprojectsale.php file of code-projects Real State Services 1.0, allowing remote unauthenticated attackers to manipulate the 'amen' argument for arbitrary SQL query execution, leading to data compromise or unauthorized access.