PT-2023-30227 · Unknown · Online Matrimonial Project

Andres Roldan · Published 2023-11-07 · Updated 2023-11-13 · CVE-2023-46800

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Online Matrimonial Project version 1.0

Description

The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the id parameter of the "view profile.php" resource does not validate the characters it receives, and they are passed unfiltered to the database.

Recommendations

For Online Matrimonial Project version 1.0, consider validating and filtering the id parameter in the "view profile.php" resource to prevent SQL injection attacks. As a temporary workaround, restrict access to the "view profile.php" resource until a proper fix is implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2023-46800

Affected Products

Online Matrimonial Project