20 matches found
EUVD-2023-34491
Malicious code in bioql PyPI...
EUVD-2023-33566
Malicious code in bioql PyPI...
EUVD-2023-33565
Malicious code in bioql PyPI...
CVE-2023-1607
A vulnerability was found in novel-plus 3.6.2. It has been classified as critical. This affects an unknown part of the file /common/sysFile/list. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2023-2039
A vulnerability was found in novel-plus 3.6.2. It has been rated as critical. This issue affects some unknown processing of the file /author/list?limit=10=0ℴ=desc. The manipulation of the argument sort leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...
CVE-2023-30058
novel-plus 3.6.2 is vulnerable to SQL Injection...
CVE-2023-30058
novel-plus 3.6.2 is vulnerable to SQL Injection...
CVE-2023-2040
A vulnerability classified as critical has been found in novel-plus 3.6.2. Affected is an unknown function of the file /news/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2023-2041 novel-plus sql injection
A vulnerability classified as critical was found in novel-plus 3.6.2. Affected by this vulnerability is an unknown functionality of the file /category/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit...
CVE-2023-2040
CVE-2023-2040 affects novel-plus version 3.6.2. The vulnerability is an SQL injection in the /news/list?limit=10&offset=0&order=desc endpoint, caused by manipulation of the sort parameter. It is exploitable remotely, and the exploit has been publicly disclosed. Multiple connected sources corrobor...
CVE-2023-2039
A vulnerability was found in novel-plus 3.6.2. It has been rated as critical. This issue affects some unknown processing of the file /author/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2023-1607
A vulnerability was found in novel-plus 3.6.2. It has been classified as critical. This affects an unknown part of the file /common/sysFile/list. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
Sql injection
A vulnerability was found in novel-plus 3.6.2. It has been classified as critical. This affects an unknown part of the file /common/sysFile/list. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2023-1607
CVE-2023-1607 affects novel-plus 3.6.2. The vulnerability exists in the /common/sysFile/list component, where manipulating the sort argument enables SQL injection. Remote exploitation is possible, and the exploit has been disclosed publicly. There is no patch information in the provided documents...
Sql injection
A vulnerability was found in novel-plus 3.6.2 and classified as critical. Affected by this issue is some unknown functionality of the file DictController.java. The manipulation of the argument orderby leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...
CVE-2023-1606
CVE-2023-1606 affects novel-plus 3.6.2. The vulnerability is a SQL injection in an unknown function within DictController.java caused by manipulation of the orderby argument, allowing remote exploitation. Public exploits are reported. The trait shows high-severity impact across confidentiality, i...
CVE-2023-1595 novel-plus list sql injection
A vulnerability has been found in novel-plus 3.6.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file common/log/list. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has been disclosed ...
CVE-2023-1594
A vulnerability, which was classified as critical, was found in novel-plus 3.6.2. Affected is the function MenuService of the file sys/menu/list. The manipulation of the argument sort leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
CVE-2023-1594 novel-plus list MenuService sql injection
A vulnerability, which was classified as critical, was found in novel-plus 3.6.2. Affected is the function MenuService of the file sys/menu/list. The manipulation of the argument sort leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
novel-plus SQL注入漏洞
novel-plus novel-plus is a multi-end PC, WAP reading, functional original literature CMS system. A security vulnerability exists in novel-plus version 3.6.2, which stems from a problem in the file /common/sysFile/list, where the operation of the parameter sort can lead to sql injection...