PT-2026-35379 · Code Projects · Chat System

C4Ttr4Ck

Published

2026-04-27

Updated

2026-04-27

CVE-2026-7103

CVSS v3.1

3.7

Low

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions code-projects Chat System version 1.0

Description An issue exists in the MD5 Hash Handler component within the update user.php file. Manipulation of the Password argument leads to the use of a weak hash, which can be exploited remotely. This process involves a high level of complexity and is considered difficult to execute.

Recommendations As a temporary workaround, restrict access to the update user.php file or the MD5 Hash Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-328CWE-327

Related Identifiers

CVE-2026-7103

Affected Products

Chat System

PT-2026-35379 · Code Projects · Chat System

CVE-2026-7103

Weakness Enumeration

Related Identifiers

Affected Products

References · 10