Vulnerabilities > Opencats > Opencats

DATE CVE VULNERABILITY TITLE RISK
2022-10-19 CVE-2022-43014 Cross-site Scripting vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the joborderID parameter.
network
low complexity
opencats CWE-79
6.1
6.1
2022-10-19 CVE-2022-43015 Cross-site Scripting vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the entriesPerPage parameter.
network
low complexity
opencats CWE-79
6.1
6.1
2022-10-19 CVE-2022-43016 Cross-site Scripting vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback component.
network
low complexity
opencats CWE-79
6.1
6.1
2022-10-19 CVE-2022-43017 Cross-site Scripting vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile component.
network
low complexity
opencats CWE-79
6.1
6.1
2022-10-19 CVE-2022-43018 Cross-site Scripting vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email function.
network
low complexity
opencats CWE-79
6.1
6.1
2022-10-19 CVE-2022-43019 Deserialization of Untrusted Data vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE) vulnerability via the getDataGridPager's ajax functionality.
network
low complexity
opencats CWE-502
critical
 9.8
9.8
2022-10-19 CVE-2022-43020 SQL Injection vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function.
network
low complexity
opencats CWE-89
6.5
6.5
2022-10-19 CVE-2022-43021 SQL Injection vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable.
network
low complexity
opencats CWE-89
6.5
6.5
2022-10-19 CVE-2022-43022 SQL Injection vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag deletion function.
network
low complexity
opencats CWE-89
6.5
6.5
2022-10-19 CVE-2022-43023 SQL Injection vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function.
network
low complexity
opencats CWE-89
6.5
6.5