CVE-2025-4019 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 GeneratorController.java genCode missing authentication

A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing authentication.

This vulnerability is traded as CVE-2025-4019. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4019 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 GeneratorController.java genCode missing authentication

Post correlati

CVE-2024-53835 | Google Android Biometric improper authentication

CVE-2025-23831 | Rene Hermenau QR Code Generator Plugin up to 1.2.6 on WordPress cross site scripting

CVE-2024-26141 | rubygem-rack Header Range denial of service

CVE-2024-2013 | Hitachi Energy FOXMAN-UN/UNEM API Gateway authentication bypass