Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:opencats:opencats:0.9.7:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-26847 |
A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates. Published: April 11, 2023; 11:15:10 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-26846 |
A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at opencats/index.php?m=candidates. Published: April 11, 2023; 11:15:10 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-26845 |
A Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified vectors. Published: April 11, 2023; 11:15:10 AM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2022-48013 |
Opencats v0.9.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text fields. Published: January 27, 2023; 1:15:15 PM -0500 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2022-48012 |
Opencats v0.9.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /opencats/index.php?m=settings&a=ajax_tags_upd. Published: January 27, 2023; 1:15:15 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2022-48011 |
Opencats v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function. Published: January 27, 2023; 1:15:15 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |