Is PHP affected by EUVD-2026-14712?

CVE-2026-4626 is a low-severity vulnerability in A vulnerability involving cross-site scripting (CVSS 3.5). The limited severity suggests constrained impact, typically requiring specific conditions or local access for exploitation. Apply vendor updates when available as part of routine maintenance.

EUVD-2026-14712

| CVE-2026-4626 MEDIUM

2026-03-24 VulDB

GHSA-5mf3-2qwq-wqgq

5.1

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Scope

Lifecycle Timeline

PoC Detected

Apr 08, 2026 - 19:14 vuln.today

Public exploit code

Analysis Generated

Mar 24, 2026 - 03:30 vuln.today

EUVD ID Assigned

Mar 24, 2026 - 03:30 euvd

EUVD-2026-14712

CVE Published

Mar 24, 2026 - 02:46 nvd

MEDIUM 5.1

Description

A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyer_booking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Analysis

A stored cross-site scripting (XSS) vulnerability exists in projectworlds Lawyer Management System version 1.0 within the /lawyer_booking.php file, where the Description parameter fails to sanitize user input before rendering. An authenticated attacker can inject malicious JavaScript that executes in the context of other users' browsers, potentially leading to session hijacking, credential theft, or unauthorized actions. …

Remediation

During next maintenance window: Apply vendor patches when convenient. Verify cross-site scripting controls are in place.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +26

POC: +20

EUVD-2026-14712 vulnerability details – vuln.today

Back

EUVD-2026-14712

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-14712

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code