Lucene search
XxyopenNovel-plus3.6.1
2 matches found
CVE-2021-41921
novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can lead to server attacks and arbitrary code execution.
9.8CVSS9.6AI score0.0081EPSS
CVE-2022-35121
Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /service/impl/BookServiceImpl.java.
9.8CVSS9.8AI score0.00077EPSS