Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

91 matches found

RedhatCVE
RedhatCVEadded 3 days ago5 views

CVE-2026-49489

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...

8.5CVSS5.9AI score0.00029EPSS
Exploits0References1
NVD
NVDadded 4 days ago8 views

CVE-2026-49489

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...

8.5CVSS0.00029EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 4 days ago4 views

CVE-2026-49490 OpenCATS - SQL Injection in DataGrid Filter Handling for Tags Column

OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...

8.6CVSS6.1AI score0.00026EPSS
Exploits0References2
Cvelist
Cvelistadded 4 days ago24 views

CVE-2026-49489 OpenCATS - SQL Injection in DataGrid sortDirection Parameter

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...

8.5CVSS0.00029EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 4 days ago14 views

CVE-2026-49489

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...

8.5CVSS5.9AI score0.00029EPSS
Exploits0References3
CNNVD
CNNVDadded 4 days ago3 views

OpenCats SQL注入漏洞

OpenCats is an open-source recruitment process management system developed by OpenCats. Versions of OpenCats prior to 0.9.7.4 had a SQL injection vulnerability. This vulnerability stemmed from the sortDirection parameter in the DataGrid component, which allowed SQL injections. It was possible for...

8.5CVSS5.9AI score0.00029EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 4 days ago4 views

PT-2026-45191

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...

8.5CVSS5.9AI score0.00029EPSS
Exploits0References5
Snyk
Snykadded 6 days ago6 views

Malicious Package

Overview @cloudplatform-single-spa/datagrid is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSVadded 2026/03/24 3:54 p.m.2 views

MAL-2026-2382 Malicious code in osc-datagrid-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8b6beb7674c12933f815ec6da07e3bcb65403fef71ed76e7c1c8805df763672 The package osc-datagrid-validator was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/03/24 3:54 p.m.2 views

Malicious code in osc-datagrid-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8b6beb7674c12933f815ec6da07e3bcb65403fef71ed76e7c1c8805df763672 The package osc-datagrid-validator was found to contain malicious code...

5.9AI score
Exploits0
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-0543

Malware in sbrugna...

9.8CVSS9.2AI score0.00704EPSS
Exploits2References8
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2007-3612

Malware in sbrugna...

5CVSS6.4AI score0.00376EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-18792

Malware in sbrugna...

9.8CVSS9.2AI score0.00431EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.6 views

EUVD-2019-0605

Malware in sbrugna...

9.8CVSS9.3AI score0.01193EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/06/27 2:15 p.m.2 views

Malicious code in tableau-widgets-datagrid (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
OSV
OSVadded 2025/05/31 4:15 p.m.0 views

CVE-2025-5384

A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the...

9.8CVSS5.6AI score0.0012EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/05/31 12:0 a.m.2 views

JeeWMS 注入漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. JeeWMS 20250504 and previous versions of injection vulnerability exists, the vulnerability stems from the file /cgAutoListController.do?datagrid function CgAutoListController SQL injection...

9.8CVSS7.1AI score0.0012EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/05/22 8:21 a.m.4 views

CVE-2019-14281

The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party...

9.8CVSS6.9AI score0.01193EPSS
Exploits0References1
Snyk
Snykadded 2023/01/29 3:29 p.m.1 views

Malicious Package

Overview datagrid-date-filter-web is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
Snyk
Snykadded 2023/01/29 3:29 p.m.1 views

Malicious Package

Overview datagrid-number-filter-web is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if thi...

9.8CVSS7.1AI score
Exploits0References3
Rows per page
Query Builder