CVE-2026-7103 MEDIUM

CVE-2026-7103: code-projects Chat System MD5 Hash update_user.php weak hash

Vendor Code-Projects

Product Chat System

Weakness CWE-328 · Weak hash

Published April 27, 2026

Last update April 27, 2026

View on NVD All CVEs

CVSS base score

6.3/10

Attack vector Network

Attack complexity High

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

Description

A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update_user.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized.

Key dates

Disclosure timeline

April 27, 2026 CVE published

April 27, 2026 Record updated