novel-plus SQL injection vulnerability (CNVD-2023-32773)
novel-plus novel boutique-plus is a multi-end PC, WAP reading, functional original literature CMS system. novel-plus version 3.6.2 suffers from a SQL injection vulnerability, which originates from a problem with the file /news/list?limit=10&offset=0&order=desc, where the operation of the paramete...