CVE-2026-14766

Severity CVSS v4.0:
LOW
Type:
CWE-74 Injection
Publication date:
05/07/2026
Last modified:
05/07/2026

Description

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.