CVE-2026-7103

CVE Database · CVE-2026-7103

CVE-2026-7103

· LOWDeferred

CVSS v3.1

3.7

CVSS v4.0

2.9

EPSS

0.19%

Published

Apr 27, 2026

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update_user.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-327CWE-328

References (6)

https://code-projects.org/

https://gist.github.com/higordiego/84ae7f08f5c23debebf309de3920bda2

https://vuldb.com/submit/800384

https://vuldb.com/vuln/359678

https://vuldb.com/vuln/359678/cti

https://gist.github.com/higordiego/84ae7f08f5c23debebf309de3920bda2

KEV Catalog EPSS Scores Vendors All CVEs