CVE-2023-46792

Name of the Vulnerable Software and Affected Versions Online Matrimonial Project version 1.0

Description The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the filename attribute of the pic4 multipart parameter is vulnerable.

Recommendations For Online Matrimonial Project version 1.0, consider restricting access to the pic4 multipart parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the filename attribute in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.