Novel-plus Security Vulnerabilities and Issues — Novel-plus CVE List

Lucene search

XxyopenNovel-plus

4 matches found

CVE•added 2025/04/22 1:15 a.m.•59 views

CVE-2025-3856

A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclo...

6.5CVSS6.7AI score0.00039EPSS

CVE•added 2025/03/04 5:15 p.m.•51 views

CVE-2025-26182

An issue in xxyopen novel plus v.4.4.0 and before allows a remote attacker to execute arbitrary code via the PageController.java file

6.5CVSS7.6AI score0.00165EPSS

CVE•added 2025/04/07 2:15 p.m.•48 views

CVE-2025-3369

A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /novel/friendLink/list. The manipulation of the argument sort leads to sql injection. The attack may be launched remotely. The exploit has been disc...

6.5CVSS7.4AI score0.00039EPSS

CVE•added 2025/06/24 1:15 a.m.•10 views

CVE-2025-6534

A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affects the function remove of the file novel-admin/src/main/java/com/java2nb/common/controller/FileController.java of the component File Handler. The manipulation leads to improper con...

6.8CVSS7AI score0.00066EPSS