VYPR

novel-plus

by Morty Py

CVEs (1)

  • CVE-2023-2040MedApr 14, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in novel-plus 3.6.2. Affected is an unknown function of the file /news/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. It is possible to launch the attack remotely. The exploit…