CVE-2026-1700
Cross-Site Scripting in House Rental /app/sms.php Remote Exploit
Publication date: 2026-01-30
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| projectworlds | house_rental_and_property_listing_project | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1700 is a Cross-Site Scripting (XSS) vulnerability in the House Rental and Property Listing Project version 1.0, specifically in the '/app/sms.php' file. The vulnerability occurs because the application takes user input from the 'message' parameter and outputs it directly to the web page without proper encoding or filtering. This allows attackers to inject malicious JavaScript code that executes in the victim's browser, potentially leading to unauthorized actions or data theft. [1, 3]
How can this vulnerability impact me? :
This vulnerability can allow attackers to steal sensitive information such as cookies and session tokens, perform unauthorized actions on behalf of the user, deface web pages, redirect users to malicious sites, and potentially gain control over the victim's browser. Exploitation does not require user login or authorization, making it easier for attackers to exploit remotely. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /app/sms.php endpoint for improper handling of the 'message' parameter. One method is to send HTTP requests with a payload such as `<script>alert('XSS')</script>` in the 'message' parameter and observe if the script executes or is reflected unencoded in the response. Additionally, attackers can locate vulnerable targets using Google hacking with the query "inurl:app/sms.php" to find instances of the vulnerable application. Example command using curl to test the vulnerability: `curl -G --data-urlencode "message=<script>alert('XSS')</script>" http://targetsite.com/app/sms.php` and then check if the response contains the injected script unencoded. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1. Implement proper output encoding for the 'message' parameter based on the context (HTML, JavaScript, etc.) to prevent execution of injected scripts. 2. Enforce strict input validation and filtering to accept only expected input formats and sanitize or reject malicious content such as script tags. 3. Deploy a strict Content Security Policy (CSP) to restrict sources of executable scripts and prevent unauthorized script execution. 4. Set HttpOnly and Secure flags on cookies to protect sensitive data from JavaScript access and ensure secure transmission. 5. Conduct regular security audits and code reviews to detect and remediate XSS vulnerabilities promptly. If possible, consider replacing the affected component with a secure alternative. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not explicitly discuss the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA. However, since the vulnerability allows attackers to steal sensitive information like cookies and session tokens and perform unauthorized actions, it could potentially lead to data breaches or unauthorized access to personal data, which may affect compliance with data protection regulations. No direct statements about compliance impact or regulatory consequences are given. [1, 3]