CVE-2025-4016 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 LogController.java deleteIndex improper authorization
A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. It has been declared as critical. The impacted element is the function deleteIndex of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. Such manipulation leads to improper authorization.
This vulnerability is listed as CVE-2025-4016. The attack may be performed from remote. In addition, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.