2 matches found
CVE-2024-24017
creationtimestamp| type| source ---|---|--- 2024-02-08 03:31:45+00:00| seen| https://t.me/ctinow/181136...
CVE-2024-24017
The data shows a SQL injection vulnerability in Novel-Plus v4.3.0-RC1 and earlier, exploitable via crafted offset, limit, and sort parameters to /common/dict/list. Affected component is the API endpoint handling dictionary/list operations; root cause is improper handling of user-supplied paginati...