CVE-2026-6160 MEDIUM

CVE-2026-6160: code-projects Simple ChatBox Endpoint chatbox.sql SimpleChatbox_PHP file information disclosure

Vendor Code-Projects

Product Simple ChatBox

Weakness CWE-538

Published April 13, 2026

Last update April 14, 2026

View on NVD All CVEs

CVSS base score

6.9/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

Description

A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatbox_PHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

Key dates

Disclosure timeline

April 13, 2026 CVE published

April 14, 2026 Record updated