OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable.