CVE-2025-4017 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 LogController.java list improper authorization

A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization.

This vulnerability was named CVE-2025-4017. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4017 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 LogController.java list improper authorization

Post correlati

CVE-2024-53856 | rPGP up to 0.14.0 Data length parameter

CVE-2024-13370 | Youzify Plugin up to 1.3.2 on WordPress save_addon_key_license authorization

CVE-2022-45185 | SalesAgility SuiteCRM 7.12.7 unrestricted upload

CVE-2024-45697 | D-Link DIR-X4860 A1 1.00/1.04 Telnet Service backdoor