CVE-2025-4018 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 CrawlController.java addCrawlSource missing authentication

A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads to missing authentication.

The identification of this vulnerability is CVE-2025-4018. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4018 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 CrawlController.java addCrawlSource missing authentication

Post correlati

CVE-2024-44009 | WC Lovers WCFM Marketplace Plugin up to 3.6.10 on WordPress cross site scripting

CVE-2025-4508 | PHPGurukul e-Diary Management System 1.0 /my-profile.php fname sql injection

CVE-2024-22348 | IBM UrbanCode Velocity/DevOps Velocity Trusted Domain cross-domain policy

CVE-2023-45924 | Freedesktop OpenGL libglvnd bb06db5a glXGetDrawableScreen null pointer dereference