CVE-2023-6413

Name of the Vulnerable Software and Affected Versions Voovi Social Networking Script version 1.0

Description A SQL injection vulnerability has been reported, affecting the photos.php endpoint in the id and user parameters. This could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application.

Recommendations For Voovi Social Networking Script version 1.0, consider disabling access to the photos.php endpoint or restricting the use of the id and user parameters until a patch is available. As a temporary workaround, restrict access to the photos.php endpoint to minimize the risk of exploitation.