A vulnerability, which was classified as critical , has been found in code-projects Project Management System 1.0 . Affected is an unknown function of the file chk.php of the component Login . The manipulation leads to sql injection. This vulnerability is traded as CVE-2026-9584 . It is possible to initiate the attack remotely. Furthermore, there is an exploit available.