CVE-2023-6410

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 30, 2023

Updated: Dec 2, 2023

CWE ID 89

Summary

CVE-2023-6410 is a newly disclosed SQL injection vulnerability affecting the Voovi Social Networking Script version 1.0. This issue is found in the editprofile.php file and can be exploited by sending maliciously crafted input to multiple parameters. Successful exploitation enables an unauthorized attacker to execute arbitrary SQL queries on the server, potentially granting them access to sensitive data stored within the application.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tn_x8q
https://www.cve.org/CVERecord?id=CVE-2023-6410
https://nvd.nist.gov/vuln/detail/CVE-2023-6410

Back to Vulnerability Database

CVE-2023-6410

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations