VYPR
Unrated severityNVD Advisory· Published Feb 8, 2024· Updated Aug 26, 2024

CVE-2024-24023

CVE-2024-24023

Description

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /novel/bookContent/list.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.