RSS   Vulnerabilities for 'Novel-plus'   RSS

2022-05-05
 
CVE-2022-28462

CWE-552
 

 
novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability.

 
2022-04-28
 
CVE-2021-41921

CWE-434
 

 
novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can lead to server attacks and arbitrary code execution.

 
2022-02-10
 
CVE-2022-24568

CWE-918
 

 
Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input.

 


Copyright 2024, cxsecurity.com

 

Back to Top