Novel-plus Security Vulnerabilities and Issues — Novel-plus CVE List

Lucene search

XxyopenNovel-plus

4 matches found

CVE•added 2022/09/01 3:15 a.m.•310 views

CVE-2022-36671

Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API.

7.5CVSS7.6AI score0.00095EPSS

CVE•added 2023/09/18 10:15 p.m.•93 views

CVE-2023-41443

SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list.

7.2CVSS7.3AI score0.00885EPSS

Web

CVE•added 2023/03/23 11:15 a.m.•86 views

CVE-2023-1595

A vulnerability has been found in novel-plus 3.6.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file common/log/list. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to...

7.2CVSS6.1AI score0.00163EPSS

Web

CVE•added 2022/05/05 1:15 p.m.•65 views

CVE-2022-28462

novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability.

7.5CVSS7.5AI score0.00251EPSS