5 matches found
EUVD-2025-18961
Malicious code in bioql PyPI...
CVE-2025-6533
A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus up to 5.1.3. Affected by this issue is the function ajaxLogin of the file novel-admin/src/main/java/com/java2nb/system/controller/LoginController.java of the component CATCHA Handler. The manipulatio...
CVE-2025-6533 xxyopen/201206030 novel-plus CATCHA LoginController.java ajaxLogin authentication replay
A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus up to 5.1.3. Affected by this issue is the function ajaxLogin of the file novel-admin/src/main/java/com/java2nb/system/controller/LoginController.java of the component CATCHA Handler. The manipulatio...
CVE-2025-6533
CVE-2025-6533 affects xxyopen/201206030 novel-plus (up to v5.1.3). The vulnerability resides in ajaxLogin (LoginController.java, CATCHA Handler) and enables authentication bypass via capture-replay. Attack vector is remote over network; attack complexity is high, but public PoC/exploitation info ...
PT-2025-26656 · Unknown · Novel-Plus
Name of the Vulnerable Software and Affected Versions: xxyopen/201206030 novel-plus versions up to 5.1.3 Description: A critical issue has been found in the ajaxLogin function of the LoginController.java file, part of the CATCHA Handler component. This issue leads to authentication bypass through...