Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for Internship Management System by code-projects
CVE-2026-14701 (GCVE-0-2026-14701)
Vulnerability from nvd – Published: 2026-07-05 03:45 – Updated: 2026-07-05 03:45 X_Freeware
VLAI
Title
code-projects Internship Management System Password Change Endpoint change_password.php sql injection
Summary
A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
Severity
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/376297 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/376297/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-14701 | third-party-advisory |
| https://vuldb.com/submit/846890 | third-party-advisory |
| https://github.com/zzzxc643/CVE1/blob/main/assess… | exploit |
| https://code-projects.org/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| code-projects | Internship Management System |
Affected:
1.0
cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*"
],
"modules": [
"Password Change Endpoint"
],
"product": "Internship Management System",
"vendor": "code-projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-05T03:45:08.160Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-376297 | code-projects Internship Management System Password Change Endpoint change_password.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/376297"
},
{
"name": "VDB-376297 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/376297/cti"
},
{
"name": "CVE-2026-14701 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-14701"
},
{
"name": "Submit #846890 | Internship Portal file `employer/details/change_password.php` contains a Time-Based Blind SQL Injection vulnerability v1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/846890"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/zzzxc643/CVE1/blob/main/assessment/vul8.md"
},
{
"tags": [
"product"
],
"url": "https://code-projects.org/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-07-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-07-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-04T07:29:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "code-projects Internship Management System Password Change Endpoint change_password.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-14701",
"datePublished": "2026-07-05T03:45:08.160Z",
"dateReserved": "2026-07-04T05:24:37.642Z",
"dateUpdated": "2026-07-05T03:45:08.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-14700 (GCVE-0-2026-14700)
Vulnerability from nvd – Published: 2026-07-05 03:30 – Updated: 2026-07-05 03:30 X_Freeware
VLAI
Title
code-projects Internship Management System Employer Login Endpoint login.php sql injection
Summary
A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/376296 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/376296/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-14700 | third-party-advisory |
| https://vuldb.com/submit/846889 | third-party-advisory |
| https://github.com/zzzxc643/CVE1/blob/main/assess… | exploit |
| https://code-projects.org/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| code-projects | Internship Management System |
Affected:
1.0
cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*"
],
"modules": [
"Employer Login Endpoint"
],
"product": "Internship Management System",
"vendor": "code-projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-05T03:30:09.324Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-376296 | code-projects Internship Management System Employer Login Endpoint login.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/376296"
},
{
"name": "VDB-376296 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/376296/cti"
},
{
"name": "CVE-2026-14700 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-14700"
},
{
"name": "Submit #846889 | Internship Portal file `employer/login.php` contains a Time-Based Blind SQL Injection vulnerability v1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/846889"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/zzzxc643/CVE1/blob/main/assessment/vul7.md"
},
{
"tags": [
"product"
],
"url": "https://code-projects.org/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-07-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-07-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-04T07:29:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "code-projects Internship Management System Employer Login Endpoint login.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-14700",
"datePublished": "2026-07-05T03:30:09.324Z",
"dateReserved": "2026-07-04T05:24:35.276Z",
"dateUpdated": "2026-07-05T03:30:09.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-14701 (GCVE-0-2026-14701)
Vulnerability from cvelistv5 – Published: 2026-07-05 03:45 – Updated: 2026-07-05 03:45 X_Freeware
VLAI
Title
code-projects Internship Management System Password Change Endpoint change_password.php sql injection
Summary
A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
Severity
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/376297 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/376297/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-14701 | third-party-advisory |
| https://vuldb.com/submit/846890 | third-party-advisory |
| https://github.com/zzzxc643/CVE1/blob/main/assess… | exploit |
| https://code-projects.org/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| code-projects | Internship Management System |
Affected:
1.0
cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*"
],
"modules": [
"Password Change Endpoint"
],
"product": "Internship Management System",
"vendor": "code-projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/change_password.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed remotely. The exploit is now public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-05T03:45:08.160Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-376297 | code-projects Internship Management System Password Change Endpoint change_password.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/376297"
},
{
"name": "VDB-376297 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/376297/cti"
},
{
"name": "CVE-2026-14701 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-14701"
},
{
"name": "Submit #846890 | Internship Portal file `employer/details/change_password.php` contains a Time-Based Blind SQL Injection vulnerability v1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/846890"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/zzzxc643/CVE1/blob/main/assessment/vul8.md"
},
{
"tags": [
"product"
],
"url": "https://code-projects.org/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-07-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-07-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-04T07:29:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "code-projects Internship Management System Password Change Endpoint change_password.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-14701",
"datePublished": "2026-07-05T03:45:08.160Z",
"dateReserved": "2026-07-04T05:24:37.642Z",
"dateUpdated": "2026-07-05T03:45:08.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-14700 (GCVE-0-2026-14700)
Vulnerability from cvelistv5 – Published: 2026-07-05 03:30 – Updated: 2026-07-05 03:30 X_Freeware
VLAI
Title
code-projects Internship Management System Employer Login Endpoint login.php sql injection
Summary
A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/376296 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/376296/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-14700 | third-party-advisory |
| https://vuldb.com/submit/846889 | third-party-advisory |
| https://github.com/zzzxc643/CVE1/blob/main/assess… | exploit |
| https://code-projects.org/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| code-projects | Internship Management System |
Affected:
1.0
cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:code-projects:internship_management_system:*:*:*:*:*:*:*:*"
],
"modules": [
"Employer Login Endpoint"
],
"product": "Internship Management System",
"vendor": "code-projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "SSL_Seven_Security_Lab_WangZhiQiang_ZhanXiuChen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-05T03:30:09.324Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-376296 | code-projects Internship Management System Employer Login Endpoint login.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/376296"
},
{
"name": "VDB-376296 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/376296/cti"
},
{
"name": "CVE-2026-14700 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-14700"
},
{
"name": "Submit #846889 | Internship Portal file `employer/login.php` contains a Time-Based Blind SQL Injection vulnerability v1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/846889"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/zzzxc643/CVE1/blob/main/assessment/vul7.md"
},
{
"tags": [
"product"
],
"url": "https://code-projects.org/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-07-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-07-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-04T07:29:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "code-projects Internship Management System Employer Login Endpoint login.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-14700",
"datePublished": "2026-07-05T03:30:09.324Z",
"dateReserved": "2026-07-04T05:24:35.276Z",
"dateUpdated": "2026-07-05T03:30:09.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}