Podatność CVE-2023-6652


Publikacja: 2023-12-10   Modyfikacja: 2023-12-14

Opis:
A vulnerability was found in code-projects Matrimonial Site 1.0. It has been declared as critical. Affected by this vulnerability is the function register of the file /register.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247345 was assigned to this vulnerability.

Typ:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

Affected software
Carmelogarcia -> Matrimonial site 

 Referencje:
https://vuldb.com/?id.247345
https://vuldb.com/?ctiid.247345
https://github.com/sweatxi/BugHub/blob/main/Matrimonial%20Site%20System%20functions.php%20%20has%20Sqlinjection.pdf

Copyright 2024, cxsecurity.com

 

Back to Top