
39 matches found

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-2029

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00088
Exploits 0 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-18961

Malicious code in bioql PyPI...

CVSS 6.3 · AI score 5.8 · EPSS 0.00377
Exploits 1 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-10031

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00134
Exploits 1 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-18972

Malicious code in bioql PyPI...

CVSS 6.8 · AI score 4.8 · EPSS 0.00465
Exploits 1 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-6164

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.5 · EPSS 0.00757
Exploits 1 · References 2

RedhatCVE
added 2025/06/26 3:12 a.m. · 4 views

CVE-2025-6535

A vulnerability has been found in xxyopen/201206030 novel-plus up to 5.1.3 and classified as critical. This vulnerability affects the function list of the file novel-admin/src/main/resources/mybatis/system/UserMapper.xml of the component User Management Module. The manipulation of the argument...

CVSS 8.8 · AI score 7.5 · EPSS 0.00181
Exploits 1 · References 1

OSV
added 2025/06/24 1:15 a.m. · 2 views

CVE-2025-6535

A vulnerability has been found in xxyopen/201206030 novel-plus up to 5.1.3 and classified as critical. This vulnerability affects the function list of the file novel-admin/src/main/resources/mybatis/system/UserMapper.xml of the component User Management Module. The manipulation of the argument...

CVSS 8.8 · AI score 6.6
Exploits 0 · References 5

CVE
added 2025/06/24 1:0 a.m. · 16 views

CVE-2025-6535

CVE-2025-6535 affects xxyopen/201206030 novel-plus (up to 5.1.3). The vulnerability resides in the User Management Module, specifically the file path UserMapper.xml, where manipulation of the sort and order arguments leads to SQL injection. Exploitation is possible remotely, and public disclosure...

CVSS 8.8 · AI score 7.4 · EPSS 0.00181
Exploits 1 · References 5 · Affected Software 1

Cvelist
added 2025/06/24 12:0 a.m. · 8 views

CVE-2025-6533 xxyopen/201206030 novel-plus CATCHA LoginController.java ajaxLogin authentication replay

A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus up to 5.1.3. Affected by this issue is the function ajaxLogin of the file novel-admin/src/main/java/com/java2nb/system/controller/LoginController.java of the component CATCHA Handler. The manipulatio...

CVSS 6.3 · EPSS 0.00377
Exploits 1 · References 5

CVE
added 2025/06/24 12:0 a.m. · 14 views

CVE-2025-6533

CVE-2025-6533 affects xxyopen/201206030 novel-plus (up to v5.1.3). The vulnerability resides in ajaxLogin (LoginController.java, CATCHA Handler) and enables authentication bypass via capture-replay. Attack vector is remote over network; attack complexity is high, but public PoC/exploitation info ...

CVSS 6.3 · AI score 7.2 · EPSS 0.00377
Exploits 1 · References 5 · Affected Software 1

RedhatCVE
added 2025/04/26 1:17 a.m. · 13 views

CVE-2025-3676

A vulnerability classified as critical has been found in xxyopen Novel-Plus 3.5.0. This affects an unknown part of the file /api/front/search/books. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVSS 9.8 · AI score 7.3 · EPSS 0.00179
Exploits 1 · References 1

RedhatCVE
added 2025/04/26 1:16 a.m. · 14 views

CVE-2025-3856

A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS 6.5 · AI score 7.2 · EPSS 0.00182
Exploits 1 · References 1

NVD
added 2025/04/22 1:15 a.m. · 6 views

CVE-2025-3856

A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS 9.8 · EPSS 0.00182
Exploits 1 · References 4

Vulnrichment
added 2025/04/22 1:0 a.m. · 26 views

CVE-2025-3856 xxyopen Novel-Plus searchByPage sql injection

A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS 6.5 · AI score 7.1 · EPSS 0.00182
Exploits 1 · References 4

CVE
added 2025/04/22 1:0 a.m. · 67 views

CVE-2025-3856

CVE-2025-3856 affects xxyopen Novel-Plus 5.1.0. The vulnerability is in the /book/searchByPage function, where the sort parameter is manipulated to trigger a SQL injection. It can be exploited remotely, and public disclosure exists. Connected documents consistently identify the vulnerable endpoin...

CVSS 9.8 · AI score 6.7 · EPSS 0.00182
Exploits 1 · References 4 · Affected Software 1

Cvelist
added 2025/04/22 1:0 a.m. · 7 views

CVE-2025-3856 xxyopen Novel-Plus searchByPage sql injection

A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS 6.5 · EPSS 0.00182
Exploits 1 · References 4

Positive Technologies
added 2025/04/22 12:0 a.m. · 1 views

PT-2025-17478 · Unknown · Xxyopen Novel-Plus

Name of the Vulnerable Software and Affected Versions: xxyopen Novel-Plus version 5.1.0 Description: A critical issue affects the searchByPage function of the /book/searchByPage file. The manipulation of the sort argument leads to SQL injection. It is possible to initiate the attack remotely. The...

CVSS 6.5 · AI score 6.8 · EPSS 0.00182
Exploits 1 · References 10

NVD
added 2025/04/16 8:15 a.m. · 12 views

CVE-2025-3676

A vulnerability classified as critical has been found in xxyopen Novel-Plus 3.5.0. This affects an unknown part of the file /api/front/search/books. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVSS 9.8 · EPSS 0.00179
Exploits 1 · References 4

OSV
added 2025/04/16 8:15 a.m. · 2 views

CVE-2025-3676

A vulnerability classified as critical has been found in xxyopen Novel-Plus 3.5.0. This affects an unknown part of the file /api/front/search/books. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVSS 9.8 · AI score 7.1
Exploits 0 · References 4

Vulnrichment
added 2025/04/16 8:0 a.m. · 6 views

CVE-2025-3676 xxyopen Novel-Plus books sql injection

A vulnerability classified as critical has been found in xxyopen Novel-Plus 3.5.0. This affects an unknown part of the file /api/front/search/books. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVSS 6.5 · AI score 6.7 · EPSS 0.00179
Exploits 1 · References 4