Aggregates CVE and security vulnerability intelligence across all aatifaneeq-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact data exposure, affecting vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-6420 | A vulnerability has been reported in Voovi Social Networking Script version 1.0 that allows a XSS via signup2.php in the emailadd parameter, the exploitation of which could allow a remote attacker to send a specially crafted JavaScript payload and partially take over the browser session of an authenticated user. | [email protected] | 6.5 | 0.53% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6419 | A vulnerability has been reported in Voovi Social Networking Script version 1.0 that allows a XSS via editprofile.php in multiple parameters, the exploitation of which could allow a remote attacker to send a specially crafted JavaScript payload and partially take over the browser session of an authenticated user. | [email protected] | 6.5 | 0.53% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6418 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via videos.php in the id parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6417 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via update.php in the id parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6416 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via signup2.php in the emailadd parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6415 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via signin.php in the user parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6414 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via perfil.php in the id and user parameters. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6413 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via photos.php in the id and user parameters. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6412 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via photo.php in multiple parameters. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6411 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via home.php in the update parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |
| CVE-2023-6410 | A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via editprofile.php in multiple parameters. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the application. | [email protected] | 9.8 | 0.83% | 2023-11-30 | 2026-06-17 |