Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
๐Ÿ”ฅ Daily Hot!
๐Ÿ’ช๐Ÿฝ CPE Enhanced Advisories
๐Ÿ•ถ Shadow Exploits
๐Ÿ•ต๐Ÿผ Vulners CPE
๐Ÿ” Security news
๐Ÿ’ป Exploit updates
๐Ÿ“‘ Blogs review
๐Ÿง Linux vulnerabilities
๐Ÿž Bugbounty
๐Ÿค– AI High Score
๐Ÿ“ฐ CVE Feed
show all

8 matches found

NVD
NVDโ€ขadded 2023/11/05 12:15 a.m.โ€ข13 views

CVE-2023-46981

SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list...

9.8CVSS9.7AI score0.01017EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBโ€ขadded 2023/11/05 12:15 a.m.โ€ข3 views

CVE-2023-46981

SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list...

9.8CVSS6.3AI score0.01017EPSS
Exploits1References2
Prion
Prionโ€ขadded 2023/11/05 12:15 a.m.โ€ข10 views

Sql injection

SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list...

7.5CVSS8.9AI score0.01017EPSS
Exploits1References1Affected Software1
CNNVD
CNNVDโ€ขadded 2023/11/05 12:0 a.m.โ€ข3 views

Novel-Plus Security Vulnerability

Novel-Plus is an online social reading and writing platform from Novel-Plus, Inc. A security vulnerability exists in Novel-Plus version v.4.2.0. An attacker can exploit the vulnerability by executing arbitrary code via a specially crafted script on the sort parameter in /common/log/list...

9.8CVSS7.3AI score0.01017EPSS
Exploits1References2
Positive Technologies
Positive Technologiesโ€ขadded 2023/11/04 12:0 a.m.โ€ข2 views

PT-2023-30282 ยท Unknown ยท Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus version 4.2.0 Description: A SQL injection issue allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in the "/common/log/list" API endpoint. Recommendations: For Novel-Plus version 4.2.0,...

9.8CVSS9.7AI score0.01017EPSS
Exploits1References3
CVE
CVEโ€ขadded 2023/03/23 10:31 a.m.โ€ข96 views

CVE-2023-1595

CVE-2023-1595 affects novel-plus 3.6.2, specifically the file path common/log/list. The root cause is manipulation of the sort argument, enabling SQL injection. The vulnerability can be exploited remotely, and public disclosure exists. Connected sources describe it as a high-severity issue with S...

7.2CVSS6.1AI score0.00483EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistโ€ขadded 2023/03/23 10:31 a.m.โ€ข16 views

CVE-2023-1595 novel-plus list sql injection

A vulnerability has been found in novel-plus 3.6.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file common/log/list. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has been disclosed ...

5.8CVSS7.5AI score0.00483EPSS
Exploits1References3
Positive Technologies
Positive Technologiesโ€ขadded 2023/03/23 12:0 a.m.โ€ข4 views

PT-2023-17104 ยท Unknown ยท Novel-Plus

Name of the Vulnerable Software and Affected Versions: novel-plus version 3.6.2 Description: A critical issue has been found in an unknown functionality of the file common/log/list. The manipulation of the sort argument leads to SQL injection. The attack can be launched remotely. Recommendations:...

7.2CVSS6AI score0.00483EPSS
Exploits1References7
Rows per page
Query Builder