Vulnerabilities > Xxyopen

DATE CVE VULNERABILITY TITLE RISK
2022-04-28 CVE-2021-41921 Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus 3.6.1
novel-plus V3.6.1 allows unrestricted file uploads.
network
low complexity
xxyopen CWE-434
critical
9.8
2022-02-10 CVE-2022-24568 Server-Side Request Forgery (SSRF) vulnerability in Xxyopen Novel-Plus 3.6.0
Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input.
network
low complexity
xxyopen CWE-918
critical
9.8