CVE-2024-24019

9.8 CRITICAL

📋 TL;DR

A SQL injection vulnerability in Novel-Plus v4.3.0-RC1 and earlier allows attackers to execute arbitrary SQL commands via crafted offset, limit, and sort parameters in the /system/roleDataPerm/list endpoint. This can lead to data theft, modification, or deletion. All users running affected versions are impacted.

💻 Affected Systems

Products:
  • Novel-Plus
Versions: v4.3.0-RC1 and prior versions
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the default configuration when the affected endpoint is accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data exfiltration, privilege escalation, or remote code execution if database functions allow it.

🟠 Likely Case

Unauthorized data access, manipulation of database contents, and potential authentication bypass.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending crafted HTTP requests to the vulnerable endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

Upgrade to a patched version when available. Monitor the official repository for updates.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Implement strict input validation for offset, limit, and sort parameters to allow only expected values.
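The filter described above, worked through as an added example (illustrative Python, not the project's own code; Novel-Plus itself is not written in Python). The point it demonstrates is the one the mitigation relies on: `offset` and `limit` must be digits-only integers within a bounded range and are then bound as query parameters, while `sort` is an identifier that cannot be bound, so it is matched against an allowlist of column names and directions. The column names, the table name and the defaults are assumptions chosen for the example.

```python
"""Allowlist validation for offset/limit/sort on a list endpoint.

Added example. Column names, table name and defaults are assumptions;
a real deployment lists exactly the columns its query exposes.
"""
import re

MAX_LIMIT = 100
DEFAULT_SORT = ("id", "ASC")
SORT_COLUMNS = {"id", "create_time", "update_time", "role_name"}  # assumed
SORT_RE = re.compile(r"^([a-z_]+)(?:\s+(asc|desc))?$", re.IGNORECASE)
TABLE = "role_data_perm"  # assumed table name


class InvalidParameter(ValueError):
    """Raised for any value outside the allowlist; the request is rejected."""


def _bounded_int(name, raw, default, lo, hi):
    """Accept only plain digit strings within [lo, hi]; no signs, spaces or comments."""
    if raw is None:
        return default
    if not re.fullmatch(r"[0-9]{1,9}", raw):
        raise InvalidParameter(f"{name}: must be a non-negative integer")
    value = int(raw)
    if not lo <= value <= hi:
        raise InvalidParameter(f"{name}: must be between {lo} and {hi}")
    return value


def _sort_clause(raw):
    """Map the sort parameter to an allowlisted (column, direction) pair."""
    if raw is None:
        return DEFAULT_SORT
    m = SORT_RE.fullmatch(raw.strip())
    if m is None:
        raise InvalidParameter("sort: malformed")
    column = m.group(1).lower()
    direction = (m.group(2) or "asc").upper()
    if column not in SORT_COLUMNS:
        raise InvalidParameter("sort: unknown column")
    return (column, direction)


def validate_list_params(params):
    """Return normalized parameters or raise InvalidParameter."""
    return {
        "offset": _bounded_int("offset", params.get("offset"), 0, 0, 10**9),
        "limit": _bounded_int("limit", params.get("limit"), 10, 1, MAX_LIMIT),
        "sort": _sort_clause(params.get("sort")),
    }


def build_query(params):
    """Build SQL: validated identifier for ORDER BY, bound parameters for LIMIT/OFFSET."""
    v = validate_list_params(params)
    column, direction = v["sort"]
    sql = f"SELECT * FROM {TABLE} ORDER BY {column} {direction} LIMIT ? OFFSET ?"
    return sql, (v["limit"], v["offset"])


def is_rejected(params):
    """True when the allowlist rejects the request."""
    try:
        validate_list_params(params)
    except InvalidParameter:
        return True
    return False


if __name__ == "__main__":
    print(build_query({"offset": "20", "limit": "50", "sort": "create_time desc"}))
    print(is_rejected({"offset": "0--"}))
```

Rejecting rather than sanitizing is deliberate: a value that is not on the allowlist is dropped with an error, so nothing attacker-controlled is ever spliced into the `ORDER BY` clause, and the numeric values reach the database only as bound parameters.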

Web Application Firewall Rule

Platform: all

Deploy WAF rules to block SQL injection patterns targeting the /system/roleDataPerm/list endpoint.

🧯 If You Can't Patch

  • Restrict network access to the Novel-Plus application to trusted IPs only.
  • Disable or block the /system/roleDataPerm/list endpoint if not required.

🔍 How to Verify

Check if Vulnerable:

Test by sending crafted SQL injection payloads in offset, limit, or sort parameters to /system/roleDataPerm/list and observing database errors or unexpected behavior.

Check Version:

Check the application version in the admin panel or configuration files.

Verify Fix Applied:

Verify that parameterized queries are used and input validation rejects malicious payloads.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL syntax in HTTP request parameters
  • Database error messages in application logs
  • Multiple requests to /system/roleDataPerm/list with suspicious parameters

Network Indicators:

  • HTTP requests to /system/roleDataPerm/list containing SQL keywords like UNION, SELECT, or OR

SIEM Query:

source="web_logs" AND uri="/system/roleDataPerm/list" AND (param="*UNION*" OR param="*SELECT*" OR param="*OR*" OR param="*--*")
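The same detection logic as the SIEM query above, run over a few constructed access-log lines as an added example (not part of the original page; the Combined Log Format lines, IPs and timestamps are made up). It scopes the check to the `/system/roleDataPerm/list` path and to the three parameters the advisory names, and it matches the listed keywords as whole words, because the wildcard form `param="*OR*"` in the SIEM query also fires on ordinary values such as `author_name`. It additionally flags `offset` and `limit` values that are not plain integers, which is a cheap signal that needs no keyword list at all.

```python
"""Flag requests to the affected endpoint whose paging/sort parameters look like SQL.

Added example; log lines below are constructed, not real traffic.
"""
import re
from urllib.parse import parse_qs, urlsplit

TARGET_PATH = "/system/roleDataPerm/list"
WATCHED_PARAMS = ("offset", "limit", "sort")
# Keywords named in the advisory, matched as whole words so "author" does not trip "OR".
KEYWORD_RE = re.compile(
    r"(?<![A-Za-z0-9_])(UNION|SELECT|OR)(?![A-Za-z0-9_])|--", re.IGNORECASE
)
# Combined Log Format: ip ident user [ts] "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

SAMPLE_LOG = """\
10.0.0.5 - - [01/Mar/2024:10:00:01 +0000] "GET /system/roleDataPerm/list?offset=0&limit=10&sort=author_name HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [01/Mar/2024:10:00:02 +0000] "GET /system/roleDataPerm/list?offset=0&limit=10&sort=id%20UNION%20SELECT HTTP/1.1" 500 88 "-" "curl/8.0"
10.0.0.7 - - [01/Mar/2024:10:00:03 +0000] "GET /system/roleDataPerm/list?offset=0--&limit=10 HTTP/1.1" 500 88 "-" "curl/8.0"
10.0.0.9 - - [01/Mar/2024:10:00:04 +0000] "GET /search?q=UNION%20SELECT HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Split one access-log line into ip, timestamp, path, decoded query and status."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    parts = urlsplit(m.group("target"))
    return {
        "ip": m.group("ip"),
        "ts": m.group("ts"),
        "path": parts.path,
        "query": parse_qs(parts.query, keep_blank_values=True),
        "status": int(m.group("status")),
    }


def suspicious_params(query):
    """Return (name, value, reasons) for each watched parameter that looks wrong."""
    hits = []
    for name in WATCHED_PARAMS:
        for value in query.get(name, []):
            reasons = []
            if name in ("offset", "limit") and not value.isdigit():
                reasons.append("non-numeric")
            if KEYWORD_RE.search(value):
                reasons.append("sql-keyword")
            if reasons:
                hits.append((name, value, reasons))
    return hits


def scan_log(text):
    """Scan access-log text; report only requests to the affected path with suspicious params."""
    findings = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["path"] != TARGET_PATH:
            continue
        hits = suspicious_params(rec["query"])
        if hits:
            findings.append({"ip": rec["ip"], "ts": rec["ts"], "status": rec["status"], "hits": hits})
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f["ts"], f["ip"], f["status"], f["hits"])
```

Pairing the request-side signal with the status code (the constructed hits above return 500) lines up with the "database error messages in application logs" indicator: a burst of 5xx responses on this path from one source is worth an alert even when no keyword matches.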
