CVE-2026-49489 | OpenCATS up to 0.9.7.4 DataGrid getDataGridPager.php ajax sortDirection sql injection

May 31, 2026 Yanac

A vulnerability was found in OpenCATS up to 0.9.7.4. It has been classified as critical. Affected by this issue is the function ajax of the file ajax/getDataGridPager.php of the component DataGrid. Performing a manipulation of the argument sortDirection results in sql injection.

This vulnerability was named CVE-2026-49489. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More