Vulnerabilities > Xxyopen > Novel Plus > 3.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-24015 | SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. | 9.8 |
| 2023-12-29 | CVE-2023-7171 | Cross-site Scripting vulnerability in Xxyopen Novel-Plus A vulnerability was found in Novel-Plus up to 4.2.0. | 4.8 |
| 2023-12-29 | CVE-2023-7166 | Cross-site Scripting vulnerability in Xxyopen Novel-Plus A vulnerability classified as problematic has been found in Novel-Plus up to 4.2.0. | 5.4 |
| 2022-05-05 | CVE-2022-28462 | Files or Directories Accessible to External Parties vulnerability in Xxyopen Novel-Plus 3.6.0 novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability. | 7.5 |
| 2022-02-10 | CVE-2022-24568 | Server-Side Request Forgery (SSRF) vulnerability in Xxyopen Novel-Plus 3.6.0 Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input. | 9.8 |