Weak Hash Vulnerability in Code-Projects Chat System
CVE-2026-7103

6.3MEDIUM

Key Information:

Vendor

Code-projects

Status
Chat System
Vendor
CVE Published:
27 April 2026

What is CVE-2026-7103?

A security flaw has been identified in the Code-Projects Chat System version 1.0, specifically within the update_user.php file where the MD5 Hash Handler processes password changes. This vulnerability allows attackers to exploit the application by manipulating password arguments, resulting in the use of weak hashing algorithms. The potential for remote exploitation of this issue poses significant risks, particularly as the difficulty of executing attacks is classified as high. Discussions surrounding this vulnerability have been made public, increasing the urgency for users of the Chat System to review their security measures and update their systems accordingly.

Affected Version(s)

Chat System 1.0

References

https://vuldb.com/vuln/359678
vdb-entrytechnical-description
https://vuldb.com/vuln/359678/cti
signaturepermissions-required
https://vuldb.com/submit/800384
third-party-advisory

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

c4ttr4ck (VulDB User)
.