Use of Hard-coded Credentials in ERP App by PROG MIS
CVE-2026-14807

9.3CRITICAL

Key Information:

Vendor

Prog Mis

Status
Vendor
CVE Published:
6 July 2026

What is CVE-2026-14807?

The ERP App developed by PROG MIS is susceptible to a vulnerability that involves the use of hard-coded credentials. This flaw permits unauthenticated remote attackers to log in to the application without authorization, allowing them to access sensitive application code. Furthermore, attackers can retrieve critical database credentials, posing a significant risk to data integrity and system security.

Affected Version(s)

ERP App all

References

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.