CVE-2023-6410

Name of the Vulnerable Software and Affected Versions Voovi Social Networking Script version 1.0

Description A SQL injection vulnerability has been reported, affecting the editprofile.php endpoint in multiple parameters, such as username and password. This could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application.

Recommendations For Voovi Social Networking Script version 1.0, as a temporary workaround, consider restricting access to the editprofile.php endpoint until a patch is available. Avoid using vulnerable parameters in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.