CVE-2026-10262 | code-projects Real State Services 1.0 Login /loginuser.php Username sql injection

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability classified as critical has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection.

This vulnerability is documented as CVE-2026-10262. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-10262 | code-projects Real State Services 1.0 Login /loginuser.php Username sql injection

Post correlati

CVE-2024-27349 | Apache HugeGraph-Server up to 1.2.x RESTful-API authentication spoofing

CVE-2024-36811 | aimeos 2024.04 PHP File unrestricted upload

CVE-2024-56772 | Linux Kernel up to 6.12.3 kunit_init_suite use after free

CVE-2024-35571 | Tenda AX1806 1.0.0.1 formSetIptv iptv.stb.mode stack-based overflow