CVE-2024-24023
Summary (CVE-2024-24023) A SQL injection vulnerability affects Novel-Plus v4.3.0-RC1 and earlier. The issue allows an attacker to exploit the API endpoint /novel/bookContent/list by passing specially crafted offset, limit, and sort parameters, enabling untrusted SQL execution with high impact (co...