CVE-2023-6651

Name of the Vulnerable Software and Affected Versions code-projects Matrimonial Site version 1.0

Description A critical issue was found in the code-projects Matrimonial Site. The problem is related to an unknown function of the file /auth/auth.php?user=1. The manipulation of the username argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For code-projects Matrimonial Site version 1.0, as a temporary workaround, consider restricting access to the /auth/auth.php endpoint or disabling the manipulation of the username argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.