6 matches found
CVE-2023-1606
A vulnerability was found in novel-plus 3.6.2 and classified as critical. Affected by this issue is some unknown functionality of the file DictController.java. The manipulation of the argument orderby leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...
CVE-2023-1606
A vulnerability was found in novel-plus 3.6.2 and classified as critical. Affected by this issue is some unknown functionality of the file DictController.java. The manipulation of the argument orderby leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...
Sql injection
A vulnerability was found in novel-plus 3.6.2 and classified as critical. Affected by this issue is some unknown functionality of the file DictController.java. The manipulation of the argument orderby leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...
CVE-2023-1606
CVE-2023-1606 affects novel-plus 3.6.2. The vulnerability is a SQL injection in an unknown function within DictController.java caused by manipulation of the orderby argument, allowing remote exploitation. Public exploits are reported. The trait shows high-severity impact across confidentiality, i...
CVE-2023-1606 novel-plus DictController.java sql injection
A vulnerability was found in novel-plus 3.6.2 and classified as critical. Affected by this issue is some unknown functionality of the file DictController.java. The manipulation of the argument orderby leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...
PT-2023-17112 · Unknown · Novel-Plus
Name of the Vulnerable Software and Affected Versions: novel-plus version 3.6.2 Description: A critical issue affects some unknown functionality of the file DictController.java. The manipulation of the orderby argument leads to SQL injection. The attack can be launched remotely. Recommendations:...