Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update_user.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized.
AnalysisAI
Weak cryptographic hash usage in code-projects Chat System 1.0 allows remote attackers to compromise password security through the MD5 Hash Handler in update_user.php. The vulnerability stems from use of MD5 for password hashing, a cryptographically broken algorithm that enables rapid offline cracking of password hashes. Publicly disclosed exploit code exists, though exploitation requires high attack complexity. The vulnerability impacts password confidentiality with low direct severity but creates substantial downstream risks for user account compromise.
Technical ContextAI
The vulnerability resides in the password handling mechanism of update_user.php, specifically within the MD5 Hash Handler component. MD5 (Message Digest Algorithm 5) is a deprecated cryptographic hash function that produces 128-bit fixed-length hashes and is vulnerable to collision attacks and efficient brute-force offline cracking due to its computational speed. CWE-327 (Use of a Broken or Risky Cryptographic Algorithm) classifies this as improper selection of a weak hashing algorithm for sensitive data protection. Modern password handling requires salted, iterative key derivation functions like bcrypt, scrypt, Argon2, or PBKDF2; MD5 lacks both salting and computational cost properties necessary for password security.
RemediationAI
Immediate patching requires replacing the MD5 hash implementation in update_user.php with a modern password hashing algorithm; contact code-projects at https://code-projects.org/ to confirm availability of version 1.1 or later containing bcrypt, scrypt, or Argon2 implementation. If no vendor patch is released, implement compensating controls: (1) force password reset for all users upon deploying a patched version; (2) disable password updates via the vulnerable update_user.php endpoint until patched, routing password changes through a separate, hardened mechanism using strong hashing; (3) monitor authentication logs for brute-force attempts indicating offline cracking activity; (4) implement account lockout policies (e.g., 5 failed attempts within 15 minutes). Note that these workarounds do not protect already-issued MD5 hashes if the database was previously compromised - comprehensive password reset is the only recovery path. No vendor advisory was identified; direct outreach to code-projects.org is recommended for current patch status.
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Rated critical severity (C
Roundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows au
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP c
Palo Alto Networks PAN-OS management web interface contains an authentication bypass allowing unauthenticated attackers
Nagios XI version xi-5.7.5 is affected by OS command injection. Rated high severity (CVSS 8.8), this vulnerability is re
Nagios XI version xi-5.7.5 is affected by OS command injection. Rated high severity (CVSS 8.8), this vulnerability is re
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows
The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1
NetAlertX (formerly PiAlert) versions 23.01.14 through 24.x before 24.10.12 allow unauthenticated command injection thro
The GiveWP - Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25803