CVE-2026-7103

LOW 3.7

code-projects Chat System MD5 Hash update_user.php weak hash

CVSS Score

3.7

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update_user.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized.

CWE	CWE-328 CWE-327
Vendor	code-projects
Product	chat system
Published	Apr 27, 2026

Stay Ahead of the Next One

Get instant alerts for code-projects chat system

Be the first to know when new low vulnerabilities affecting code-projects chat system are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

code-projects / Chat System

1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/359678 vuldb.com: https://vuldb.com/vuln/359678/cti vuldb.com: https://vuldb.com/submit/800384 gist.github.com: https://gist.github.com/higordiego/84ae7f08f5c23debebf309de3920bda2 code-projects.org: https://code-projects.org/

Credits

🔍 c4ttr4ck (VulDB User)