Novel Plus
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-24019 | Cri | 0.64 | 9.8 | 0.01 | Feb 7, 2024 | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via /system/roleDataPerm/list | ||
| CVE-2023-46981 | Cri | 0.64 | 9.8 | 0.01 | Nov 5, 2023 | SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list. | ||
| CVE-2024-0941 | Med | 0.36 | 5.5 | 0.01 | Jan 26, 2024 | A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. This issue affects some unknown processing of the file /novel/bookComment/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the public and may be… | ||
| CVE-2024-0655 | Med | 0.36 | 5.5 | 0.01 | Jan 18, 2024 | A vulnerability has been found in Novel-Plus 4.3.0-RC1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /novel/bookSetting/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the… |
- risk 0.64cvss 9.8epss 0.01
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via /system/roleDataPerm/list
- risk 0.64cvss 9.8epss 0.01
SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list.
- risk 0.36cvss 5.5epss 0.01
A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. This issue affects some unknown processing of the file /novel/bookComment/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the public and may be…
- risk 0.36cvss 5.5epss 0.01
A vulnerability has been found in Novel-Plus 4.3.0-RC1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /novel/bookSetting/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the…