Xxyopen CVE - OpenCVE

Filtered by vendor Xxyopen Subscribe

Total 42 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-42967	1 Xxyopen	1 Novel-plus	2024-11-21	7.5 HIGH	9.8 CRITICAL
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows allows an attacker to upload malicious JSP files.
CVE-2021-41921	1 Xxyopen	1 Novel-plus	2024-11-21	7.5 HIGH	9.8 CRITICAL
novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can lead to server attacks and arbitrary code execution.

Vulnerabilities (CVE)