Vulnerabilities > Xxyopen

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-08	CVE-2024-24014	SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. network low complexity xxyopen CWE-89 critical	9.8
2024-02-08	CVE-2024-24017	SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. network low complexity xxyopen CWE-89 critical	9.8
2024-02-08	CVE-2024-24021	SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. network low complexity xxyopen CWE-89 critical	9.8
2024-02-08	CVE-2024-24018	SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. network low complexity xxyopen CWE-89 critical	9.8
2024-02-08	CVE-2024-24023	SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. network low complexity xxyopen CWE-89 critical	9.8
2024-02-08	CVE-2024-24024	Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload(). network low complexity xxyopen CWE-434 critical	9.8
2024-02-08	CVE-2024-24025	Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: upload(). network low complexity xxyopen CWE-434 critical	9.8
2024-02-08	CVE-2024-24026	Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions at com.java2nb.system.controller.SysUserController: uploadImg(). network low complexity xxyopen CWE-434 critical	9.8
2024-02-07	CVE-2024-24019	SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. network low complexity xxyopen CWE-89 critical	9.8
2024-02-06	CVE-2024-24013	SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. network low complexity xxyopen CWE-89 critical	9.8

Vulnerabilities > Xxyopen {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Xxyopen"}]}

Vulnerabilities > Xxyopen