Medium severity6.3NVD Advisory· Published May 25, 2026· Updated May 26, 2026
CVE-2026-9449
CVE-2026-9449
Description
A vulnerability was identified in code-projects Employee Management System 1.0. This impacts an unknown function of the file /changepassemp.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 1.0
Patches
Vulnerability mechanics
References
5News mentions
1- Code Projects Employee Management System: Nine SQLi and XSS Flaws Disclosed in a Single BatchVypr Intelligence · May 25, 2026