A vulnerability was identified in code-projects Real State Services 1.0. The impacted element is an unknown function of the file /normalHomeSale.php. Such manipulation of the argument loc leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
History

Mon, 06 Jul 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 05 Jul 2026 11:30:00 +0000

Type Values Removed Values Added
Description A vulnerability was identified in code-projects Real State Services 1.0. The impacted element is an unknown function of the file /normalHomeSale.php. Such manipulation of the argument loc leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
Title code-projects Real State Services normalHomeSale.php sql injection
First Time appeared Code-projects
Code-projects real State Services
Weaknesses CWE-74
CWE-89
CPEs cpe:2.3:a:code-projects:real_state_services:*:*:*:*:*:*:*:*
Vendors & Products Code-projects
Code-projects real State Services
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-07-05T11:00:09.185Z

Updated: 2026-07-06T18:43:28.717Z

Reserved: 2026-07-04T12:56:41.679Z

Link: CVE-2026-14743

cve-icon Vulnrichment

Updated: 2026-07-06T18:21:01.007Z

cve-icon NVD

No data.

cve-icon Redhat

No data.