| Titel | 201206030/novel-plus novel-plus 4.3.0-RC1 SQLi |
|---|
| Beschreibung | In the novel-plus version 4.3.0-RC1, there is an SQL injection vulnerability in the "/novel/bookSetting/list" interface.
版本 / Version
4.3.0-RC1
什么问题 / What's the problem
In the novel-plus system, there exists an SQL injection vulnerability in the /novel/bookSetting/list interface.
在novel-plus系统中/novel/bookSetting/list接口存在SQL注入漏洞
Referer:
https://github.com/red0-ZhaoSi/CVE/blob/main/novel-plus/sql/sql_1.md |
|---|
| Quelle | ⚠️ https://github.com/red0-ZhaoSi/CVE/blob/main/novel-plus/sql/sql_1.md |
|---|
| Benutzer | red0_ZhaoSi (UID 61455) |
|---|
| Einreichung | 15.01.2024 08:07 (vor 2 Jahren) |
|---|
| Moderieren | 17.01.2024 15:38 (2 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 251383 [Novel-Plus 4.3.0-RC1 /novel/bookSetting/list sort SQL Injection] |
|---|
| Punkte | 20 |
|---|