SQL Injection Vulnerability in code-projects Online Voting System by code-projects
CVE-2026-14649
6.9MEDIUM
What is CVE-2026-14649?
A SQL injection vulnerability has been identified in the saveVote.php file of the code-projects Online Voting System 1.0. The vulnerability resides in the test_input function, where a remote attacker can craft malicious inputs for the parameters voterName, voterEmail, voterID, or selectedCandidate. This manipulation can compromise the database by allowing unauthorized access to sensitive voter information and potentially lead to data leakage or other malicious actions.
Affected Version(s)
Online Voting System 1.0
