Product:

Novel\-Plus

(Xxyopen)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 32
Date Id Summary Products Score Patch Annotated
2024-02-08 CVE-2024-24017 A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /common/dict/list Novel\-Plus 9.8
2024-02-08 CVE-2024-24021 A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /novel/userFeedback/list. Novel\-Plus 9.8