Lucene search
K

4 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/06/17 12:0 a.m.12 views

VulnCheck KEV: CVE-2026-27760

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the define string...

9.2CVSS6AI score0.22189EPSS
In wildExploits0References13
ATTACKERKB
ATTACKERKB
added 2026/04/28 1:43 p.m.5 views

CVE-2026-27760

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the define string...

9.2CVSS5.9AI score0.22189EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.11 views

PT-2026-35727

Name of the Vulnerable Software and Affected Versions OpenCATS versions prior to commit 3002a29 Description An unauthenticated PHP code injection issue exists in the installer AJAX endpoint. This allows attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity...

9.2CVSS5.9AI score0.22189EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2013/09/23 3:49 a.m.41 views

CVE-2013-5696

inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery CSRF attacks, and 1 perform a SQL injection via an Etape4 action or 2 execute arbitrary PHP...

6.8CVSS6.1AI score0.07855EPSS
Exploits11References2
Rows per page
Query Builder