Vulnerabilities > Xxyopen
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-24015 | SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. | 9.8 |
| 2024-01-26 | CVE-2024-0941 | SQL Injection vulnerability in Xxyopen Novel-Plus 4.3.0 A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. | 9.8 |
| 2024-01-18 | CVE-2024-0655 | SQL Injection vulnerability in Xxyopen Novel-Plus 4.3.0 A vulnerability has been found in Novel-Plus 4.3.0-RC1 and classified as critical. | 9.8 |
| 2023-12-29 | CVE-2023-7171 | Cross-site Scripting vulnerability in Xxyopen Novel-Plus A vulnerability was found in Novel-Plus up to 4.2.0. | 4.8 |
| 2023-12-29 | CVE-2023-7166 | Cross-site Scripting vulnerability in Xxyopen Novel-Plus A vulnerability classified as problematic has been found in Novel-Plus up to 4.2.0. | 5.4 |
| 2023-11-05 | CVE-2023-46981 | SQL Injection vulnerability in Xxyopen Novel-Plus 4.2.0 SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list. | 9.8 |
| 2023-09-18 | CVE-2023-41443 | SQL Injection vulnerability in Xxyopen Novel-Plus 4.1.0 SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list. | 7.2 |
| 2023-09-11 | CVE-2023-30058 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 novel-plus 3.6.2 is vulnerable to SQL Injection. | 9.8 |
| 2023-04-14 | CVE-2023-2040 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability classified as critical has been found in novel-plus 3.6.2. | 8.8 |
| 2023-04-14 | CVE-2023-2041 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability classified as critical was found in novel-plus 3.6.2. | 8.8 |