Approved changes feed: RSS · Atom

cpe:2.3:a:projectworlds_pvt._limited:online_matrimonial_project:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorProjectworlds Pvt. Limited (8e478e47-7374-562d-9dd8-dec161a8c34d)
ProductOnline Matrimonial Project (6fe436d5-21a2-5b69-8358-14e404089712)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-46800 vulnerable 2026-06-08 06:14:23.317164 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the view_profile.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-07T21:19:21.672Z
Updated: 2024-09-04T15:37:42.963Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-46793 vulnerable 2026-06-08 06:14:23.315961 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'day' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-07T21:10:20.104Z
Updated: 2024-09-17T13:04:39.293Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-46789 vulnerable 2026-06-08 06:14:23.315034 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic1' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-07T21:02:14.461Z
Updated: 2024-09-17T13:05:41.498Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-46788 vulnerable 2026-06-08 06:14:23.304473 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter in the 'uploadphoto()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-07T21:01:11.340Z
Updated: 2024-09-17T13:06:16.599Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-46787 vulnerable 2026-06-08 06:14:23.303927 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-07T20:59:34.528Z
Updated: 2024-09-17T13:30:48.913Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-46785 vulnerable 2026-06-08 06:14:23.302197 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.