PT-2026-55727 · Code Projects · Onlinevotingsystem

C4Ttr4Ck

·

Published

2026-07-04

·

Updated

2026-07-04

·

CVE-2026-14648

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions code-projects Online Voting System versions 0.x through 1.0
Description An issue in the Login component allows remote attackers to perform SQL injection, a technique used to manipulate database queries. The flaw exists within the test input() function located in the /authentication.php file and is triggered by manipulating the adminUserName and adminPassword variables.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the /authentication.php file or the test input() function to minimize the risk of exploitation.

Exploit

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-14648

Affected Products

Onlinevotingsystem