CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

Novel-Plus 注入漏洞

Novel-Plus is an online social reading and writing platform from Novel-Plus, Inc. An injection vulnerability exists in Novel-Plus version 3.5.0, which stems from improper manipulation of the sort parameter in the /api/front/search/books file, which could lead to an SQL injection attack...