CVE-2026-14796

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Configurations

No configuration.

History

06 Jul 2026, 10:10

Type Values Removed Values Added
Summary
  • (es) Se ha detectado una vulnerabilidad en el sistema de gestión de visitantes de CodeAstro Apartment 1.0. Esta afecta a una parte desconocida del archivo /apartment-visitor/report.php. La manipulación del argumento fromdate da lugar a una inyección SQL. Es posible lanzar el ataque de forma remota. El código de explotación se ha hecho público y podría utilizarse.

06 Jul 2026, 05:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-06 05:16

Updated : 2026-07-06 18:02


NVD link : CVE-2026-14796

Mitre link : CVE-2026-14796

CVE.ORG link : CVE-2026-14796


JSON object : View

Products Affected

No product.

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')