Vulnerabilities > Xxyopen > Novel Plus > 3.6.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-23 | CVE-2023-1594 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability, which was classified as critical, was found in novel-plus 3.6.2. | 9.8 |
| 2022-09-01 | CVE-2022-36671 | Download of Code Without Integrity Check vulnerability in Xxyopen Novel-Plus 3.6.2 Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API. | 7.5 |
| 2022-09-01 | CVE-2022-36672 | Use of Hard-coded Credentials vulnerability in Xxyopen Novel-Plus 3.6.2 Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. | 9.8 |