Xxyopen: Security Vulnerabilities
novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can lead to server attacks and arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.009
Published
2022-04-28
Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-02-10
Page 6