CVE-2024-24023 | novel-plus up to 4.3.0-RC1 /novel/bookContent/list offset/limit/sort sql injection

Posted by Angelo Barbosa | Feb 8, 2024 | CVE

A vulnerability classified as critical was found in novel-plus up to 4.3.0-RC1. Affected by this vulnerability is an unknown functionality of the file /novel/bookContent/list. The manipulation of the argument offset/limit/sort leads to sql injection.

This vulnerability is known as CVE-2024-24023. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-24023 | novel-plus up to 4.3.0-RC1 /novel/bookContent/list offset/limit/sort sql injection

Related Posts

CVE-2024-35773 | WPJohnny Comment Reply Email Plugin up to 1.3 on WordPress cross-site request forgery

CVE-2024-31810 | Totolink EX200 4.0.3c.7646_B20201211 /etc/shadow.sample hard-coded password

CVE-2024-3107 | Spectra Plugin up to 2.12.6 on WordPress path traversal

CVE-2024-0995 | Tenda W6 1.0.0.9(4122) httpd /goform/wifiSSIDset formwrlSSIDset index stack-based overflow