โ† Back to Dashboard

CVE-2026-49489

HIGH NVD
CVSS Score
8.5
Severity
HIGH
Source
NVD
Published
May 31, 2026
Description

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform time-based blind injection attacks and read sensitive data.

View Full Details โ† Back