CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-13358

lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files on the underlying operating system. The attacker must upload a file in the docx or odt format.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.417

EPSS Ranking 97.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2019-13358

Opencats » Opencats » Version: N/A

cpe:2.3:a:opencats:opencats:-
Opencats » Opencats » Version: 0.9.3

cpe:2.3:a:opencats:opencats:0.9.3
Opencats » Opencats » Version: 0.9.3-1

cpe:2.3:a:opencats:opencats:0.9.3-1
Opencats » Opencats » Version: 0.9.3-2

cpe:2.3:a:opencats:opencats:0.9.3-2
Opencats » Opencats » Version: 0.9.3-3

cpe:2.3:a:opencats:opencats:0.9.3-3
Opencats » Opencats » Version: 0.9.4

cpe:2.3:a:opencats:opencats:0.9.4
Opencats » Opencats » Version: 0.9.4-1

cpe:2.3:a:opencats:opencats:0.9.4-1
Opencats » Opencats » Version: 0.9.4-2

cpe:2.3:a:opencats:opencats:0.9.4-2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-13358

Products

Pricing

Contact Us