CVE-2025-45890

Critical CVSS: 9.8

Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameter

Vendor

Product

CWE

Yayın Tarihi

2025-06-20 16:15:29

Güncelleme

2025-06-26 14:25:56

Source Identifier

cve@mitre.org

KEV Date Added

CWE-22 Novel-plus CRITICAL Xxyopen 2025

https://github.com/SecureCore1/CVE/blob/main/novel-plus/readme.md https://github.com/SecureCore1/CVE/blob/main/novel-plus/readme.md

Medium

CVE-2025-65442

DOM-based Cross-Site Scripting (XSS) vulnerability in 201206030 novel V3.5.0 allows remote attackers to execute arbitrar…

Medium

CVE-2025-60298

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability via the /author/updat…

Medium

CVE-2025-60299

Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability via the /book/addComme…

Low

CVE-2025-6534

A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affect…

Medium

CVE-2025-6535

A vulnerability has been found in xxyopen/201206030 novel-plus up to 5.1.3 and classified as critical. This vulnerabilit…

Medium

CVE-2025-6533

A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus up to 5.1.3. Affected…