8Şub
CVE-2024-24018 | novel-plus up to 4.3.0-RC1 /system/dataPerm/list offset/limit/sort sql injection
A vulnerability, which was classified as critical, has been found in novel-plus up to 4.3.0-RC1. This issue affects some unknown processing of the file /system/dataPerm/list. The manipulation of the argument offset/limit/sort leads to sql injection. The identification of this vulnerability is CVE-2024-24018. The attack can only be done within the local network. There is no exploit available.