Vulnerabilities > Xxyopen > Novel Plus > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-18 | CVE-2023-41443 | SQL Injection vulnerability in Xxyopen Novel-Plus 4.1.0 SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list. | 7.2 |
2023-04-14 | CVE-2023-2040 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability classified as critical has been found in novel-plus 3.6.2. | 8.8 |
2023-04-14 | CVE-2023-2041 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability classified as critical was found in novel-plus 3.6.2. | 8.8 |
2023-04-14 | CVE-2023-2039 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability was found in novel-plus 3.6.2. | 8.8 |
2023-03-23 | CVE-2023-1607 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability was found in novel-plus 3.6.2. | 8.8 |
2023-03-23 | CVE-2023-1595 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability has been found in novel-plus 3.6.2 and classified as critical. | 7.2 |
2022-09-01 | CVE-2022-36671 | Download of Code Without Integrity Check vulnerability in Xxyopen Novel-Plus 3.6.2 Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API. | 7.5 |
2022-05-05 | CVE-2022-28462 | Files or Directories Accessible to External Parties vulnerability in Xxyopen Novel-Plus 3.6.0 novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability. | 7.5 |