CVE-2025-26182

Medium CVSS: 6.5

An issue in xxyopen novel plus v.4.4.0 and before allows a remote attacker to execute arbitrary code via the PageController.java file

Vendor

Product

CWE

Yayın Tarihi

2025-03-04 17:15:18

Güncelleme

2025-06-24 15:30:19

Source Identifier

cve@mitre.org

KEV Date Added

CWE-94 Novel-plus MEDIUM Xxyopen 2025

https://gist.github.com/GSBP0/007355c5f6bd213264ae1c35c347e5cc

Medium

CVE-2025-65442

DOM-based Cross-Site Scripting (XSS) vulnerability in 201206030 novel V3.5.0 allows remote attackers to execute arbitrar…

Medium

CVE-2025-60298

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability via the /author/updat…

Medium

CVE-2025-60299

Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability via the /book/addComme…

Low

CVE-2025-6534

A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affect…

Medium

CVE-2025-6535

A vulnerability has been found in xxyopen/201206030 novel-plus up to 5.1.3 and classified as critical. This vulnerabilit…

Medium

CVE-2025-6533

A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus up to 5.1.3. Affected…