CVE-2023-6410

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
30/11/2023
Last modified:
02/12/2023

Description

A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via editprofile.php in multiple parameters. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:aatifaneeq:voovi:1.0:*:*:*:*:*:*:*