CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-0655

A vulnerability has been found in Novel-Plus 4.3.0-RC1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /novel/bookSetting/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251383.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.0%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 5.2

References

https://github.com/red0-ZhaoSi/CVE/blob/main/novel-plus/sql/sql_1.md
https://vuldb.com/?ctiid.251383
https://vuldb.com/?id.251383
https://github.com/red0-ZhaoSi/CVE/blob/main/novel-plus/sql/sql_1.md
https://vuldb.com/?ctiid.251383
https://vuldb.com/?id.251383

Products affected by CVE-2024-0655

Xxyopen » Novel-Plus » Version: 4.3.0

cpe:2.3:a:xxyopen:novel-plus:4.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-0655

Products

Pricing

Contact Us