CVE-2026-14701

A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.

Credits

SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)

References