CVE-2026-1700

EUVD-2026-5012
A weakness has been identified in projectworlds House Rental and Property Listing 1.0. This vulnerability affects unknown code of the file /app/sms.php. This manipulation of the argument Message causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 LOW
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
VulDBCNA
3.5 LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
projectworldshouse_rental_and_property_listing_project
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/jiahao412/CVE/issues/3
https://vuldb.com/?ctiid.343490
https://vuldb.com/?id.343490
https://vuldb.com/?submit.741977