CVE-2026-14766
Last modified
CVE-2026-14766 is a medium-severity vulnerability rated 6.3/10 on the CVSS scale. A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the component POST Parameter Handler. EPSS estimates a 0.20% chance of exploitation in the next 30 days.
Description
A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| CodeAstro | Apartment Visitor Management System | 1.0 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14766?
How severe is CVE-2026-14766?
How do I fix CVE-2026-14766?
Related CVEs from 2026
- CVE-2026-1476An out-of-band SQL injection vulnerability (OOB SQLi) has be…7.5
- CVE-2026-14760A weakness has been identified in radareorg radare2 up to 6.…7.8
- CVE-2026-14761A security vulnerability has been detected in radareorg rada…5.5
- CVE-2026-14762A vulnerability was detected in code-projects Hotel and Tour…7.3
- CVE-2026-14763A flaw has been found in code-projects Hotel and Tourism Res…7.3
- CVE-2026-14764A vulnerability has been found in code-projects Hotel and To…7.3
- CVE-2026-14767A security flaw has been discovered in CodeAstro Ecommerce W…6.3
- CVE-2026-14768A weakness has been identified in code-projects Real State S…7.3
- CVE-2026-14769A security vulnerability has been detected in code-projects …7.3
- CVE-2026-1477An out-of-band SQL injection vulnerability (OOB SQLi) has be…7.5
- CVE-2026-14770A vulnerability was detected in SourceCodester Class and Exa…7.3
- CVE-2026-14771A flaw has been found in SourceCodester Class and Exam Timet…7.3
Are you affected by CVE-2026-14766?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
