| Title | 201206030/novel-plus novel-plus 4.3.0-RC1 SQLi |
|---|
| Description | In the novel-plus version 4.3.0-RC1, there is an SQL injection vulnerability in the "/novel/bookSetting/list" interface.
版本 / Version
4.3.0-RC1
什么问题 / What's the problem
In the novel-plus system, there exists an SQL injection vulnerability in the /novel/bookSetting/list interface.
在novel-plus系统中/novel/bookSetting/list接口存在SQL注入漏洞
Referer:
https://github.com/red0-ZhaoSi/CVE/blob/main/novel-plus/sql/sql_1.md |
|---|
| Source | ⚠️ https://github.com/red0-ZhaoSi/CVE/blob/main/novel-plus/sql/sql_1.md |
|---|
| User | red0_ZhaoSi (UID 61455) |
|---|
| Submission | 01/15/2024 08:07 (2 years ago) |
|---|
| Moderation | 01/17/2024 15:38 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 251383 [Novel-Plus 4.3.0-RC1 /novel/bookSetting/list sort sql injection] |
|---|
| Points | 20 |
|---|