Tag

Opencats

3 briefs RSS

OpenCATS 0.9.7.4 SQL Injection Vulnerability

A SQL Injection vulnerability exists in OpenCATS 0.9.7.4, with a published exploit that allows for database version and user extraction on unpatched systems.

OpenCATS 0.9.7.4 sqli webapps opencats

2r 1t 3w ago

critical threat

OpenCATS 0.9.4 Remote Code Execution Vulnerability (CVE-2021-47936)

2 rules 2 TTPs 1 CVE

OpenCATS 0.9.4 is vulnerable to remote code execution (CVE-2021-47936) allowing unauthenticated attackers to execute arbitrary commands by uploading malicious PHP files disguised as resume attachments through the careers job application endpoint, leading to potential system compromise.

OpenCATS 0.9.4 CVE-2021-47936 rce opencats vulnerability

2r 2t 1c May 10, 2026

critical advisory

OpenCATS PHP Code Injection Vulnerability (CVE-2026-27760)

2 rules 1 TTP 1 CVE

Unauthenticated attackers can exploit a PHP code injection vulnerability in OpenCATS versions prior to commit 3002a29 by injecting malicious PHP code into the installer's AJAX endpoint, leading to arbitrary code execution.

OpenCATS code-injection php cve-2026-27760

2r 1t 1c Jan 3, 2024