2 matches found
CVE-2022-35121
Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /service/impl/BookServiceImpl.java...
CVE-2022-35121
CVE-2022-35121 affects Novel-Plus v3.6.1 with a SQL injection via the keyword parameter on the endpoint /service/impl/BookServiceImpl.java. The NVD entry lists a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack vector, no privileges required, and user interaction not needed; impact is H...