Ghostwire

CVE-2026-7090: A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file...

LOW CVSS 2.4 Exploit Available

Published: April 27, 2026 | Last Modified: April 27, 2026

Description

A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_message.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used.

Ghostwire Analysis — What This Means Practically

Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References

code-projects.org/
gist.github.com/higordiego/4683bee16b197643744159b76d0c1ea6
vuldb.com/submit/800383
vuldb.com/vuln/359665
vuldb.com/vuln/359665/cti
www.tenable.com/cve/CVE-2026-7090
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-7090
nvd.nist.gov/vuln/detail/CVE-2026-7090