Key Information Vulnerability Overview CVE ID: CVE-2025-6535 Vulnerability Type: SQL Injection (SQLI) Affected Component: Vulnerability Details Affected Product Information: - Product Name: novel plus - Repository URL: https://github.com/20250639/novel-plus - Affected Component: - Affected Version: v1.0 - Vulnerability Type: SQL Injection CWE ID: CWE-89 (Improper Neutralization of Special Elements Used in an SQL Command ('SQL Injection')) Affected Code Snippet: POC (Proof of Concept) POC Code: Vulnerability Description The vulnerability exists in the file. The and parameters are directly controlled by the user and embedded into the SQL query, bypassing the protection provided by prepared statements.