Vulnerabilities > Opencats > Opencats > 0.9.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-41560 | Unrestricted Upload of File with Dangerous Type vulnerability in Opencats OpenCATS through 0.9.6 allows remote attackers to execute arbitrary code by uploading an executable file via lib/FileUtility.php. | 10.0 |
| 2021-01-18 | CVE-2021-25295 | Cross-site Scripting vulnerability in Opencats OpenCATS through 0.9.5-3 has multiple Cross-site Scripting (XSS) issues. | 4.3 |
| 2021-01-18 | CVE-2021-25294 | Deserialization of Untrusted Data vulnerability in Opencats OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. | 10.0 |
| 2019-07-05 | CVE-2019-13358 | XXE vulnerability in Opencats lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files on the underlying operating system. | 5.0 |