6.9
CVE-2025-4019 - 20120630 Novel-Plus GeneratorController.java genCode missing authentication
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing authenโฆ
6.9
CVE-2025-4018 - 20120630 Novel-Plus CrawlController.java addCrawlSource missing authentication
A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads to โฆ
5.3
CVE-2025-4017 - 20120630 Novel-Plus LogController.java list improper authorization
A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authoriโฆ
5.3
CVE-2025-4016 - 20120630 Novel-Plus LogController.java deleteIndex improper authorization
A vulnerability classified as critical has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This affects the function deleteIndex of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorizationโฆ
6.9
CVE-2025-4015 - 20120630 Novel-Plus SessionController.java list missing authentication
A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. It has been rated as critical. Affected by this issue is the function list of the file novel-system/src/main/java/com/java2nb/system/controller/SessionController.java. The manipulation leads to missing โฆ
9.1
CVE-2025-3200 - Com-Server Exposed via Weak TLS
An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems.
6.9
CVE-2025-4014 - PHPGurukul Art Gallery Management System manage-art-medium.php sql injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-art-medium.php. The manipulation of the argument artmed leads to sql injection. The attack can be launcheโฆ
3.7
CVE-2025-32471 - Reuse of salt
The deviceโs passwords have not been adequately salted, making them vulnerable to password extraction attacks.
5.3
CVE-2025-39367 - WordPress Kleo theme < 5.4.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in SeventhQueen Kleo kleo.This issue affects Kleo: from n/a through < 5.4.4.
7.5
CVE-2025-32470 - Unauthenticated change of IP adress
A remote unauthenticated attacker may be able to change the IP adress of the device, and therefore affecting the availability of the device.