CVE-2007-4069

SQL injection vulnerability in show_cat.php in IndexScript 2.8 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. http://www.frsirt.com/english/advisories/2007/2696 Vendor has released a patch for this vulnerability: http://www.indexscript.com/forum/showthread.php?t2266

Publication date: Mon, 30 Jul 2007 22:30:00 +0000

Cyber News related to CVE-2007-4069

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-4163 - Multiple SQL injection vulnerabilities in IndexScript 2.7 and 2.8 before 20070726 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id, (2) start_id, (3) row[parent_id], and (4) row[cat_id] parameters to unspecified components, ...
16 years ago

CVE-2007-4069 - SQL injection vulnerability in show_cat.php in IndexScript 2.8 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. http://www.frsirt.com/english/advisories/2007/2696 Vendor has released a patch for this ...
7 years ago

CVE-2008-6179 - SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter, a different vector than CVE-2007-4069. ...
7 years ago

CVE-2021-4069 - vim is vulnerable to Use After Free ...
2 years ago

CVE-2009-4069 - Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, 4.7.3, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
15 years ago

CVE-2010-4069 - Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows remote authenticated users to execute arbitrary code via long ...
14 years ago

CVE-2005-4069 - SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure Everyone/Full Control permissions to the "SunnComm Shared" directory, which allows local users to gain privileges by modifying programs installed in that directory, such as ...
13 years ago

CVE-2012-4069 - Dir2web 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database via a direct request for system/db/website.db. ...
12 years ago

CVE-2015-4069 - The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive credentials via a crafted SOAP request to the (1) getBackupPolicy or (2) getBackupPolicies method. ...
8 years ago

CVE-2013-4069 - The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, ...
7 years ago

CVE-2008-4069 - The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file. ...
7 years ago

CVE-2011-4069 - html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass authentication via a crafted username. ...
6 years ago

CVE-2006-4069 - Multiple cross-site scripting (XSS) vulnerabilities in Elaine Aquino Online Zone Journals (OZJournals) 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) m and (2) c parameters in index.php, (3) a search action, and (4) a ...
6 years ago

CVE-2016-4069 - Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified ...
6 years ago

CVE-2018-4069 - An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The ACEManager authentication functionality is done in plaintext XML to the web server. An attacker can listen to ...
5 years ago

CVE-2022-4069 - Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0. ...
2 years ago

CVE-2019-4069 - IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014. ...
2 years ago

CVE-2023-4069 - Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) ...
1 year ago

CVE-2014-4069 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none ...
55 years ago Tenable.com

CVE-2017-4069 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2024-4069 - A vulnerability, which was classified as critical, was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. This affects an unknown part of the file search.php. The manipulation of the argument txtSearch leads to sql injection. It is ...
9 months ago

CVE-2024-40953 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago

CVE-2024-35896 - In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length I got multiple syzbot reports showing old bugs exposed by BPF after commit 20f2505fb436 ("bpf: Try to avoid kzalloc in ...
8 months ago Tenable.com

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

Latest Cyber News

CVE-2025-24973 - 16 hours ago
CVE-2025-24976 - 16 hours ago
CVE-2025-24807 - 16 hours ago
CVE-2025-24896 - 16 hours ago
CVE-2025-24897 - 16 hours ago
CVE-2025-24900 - 16 hours ago
CVE-2025-22467 - 16 hours ago
CVE-2024-47908 - 16 hours ago
CVE-2024-13813 - 16 hours ago
CVE-2024-13830 - 16 hours ago
CVE-2024-13842 - 16 hours ago
CVE-2024-13843 - 16 hours ago
CVE-2024-10644 - 16 hours ago
CVE-2024-11771 - 16 hours ago
CVE-2024-12058 - 16 hours ago
CVE-2024-12797 - 16 hours ago
CVE-2024-33659 - 17 hours ago
CVE-2025-1231 - 18 hours ago
CVE-2025-26492 - 18 hours ago
CVE-2025-26493 - 18 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-10334 - 1 day ago
CVE-2025-1149 - 1 day ago
CVE-2024-11831 - 1 day ago
CVE-2024-12133 - 1 day ago
CVE-2024-12243 - 1 day ago
CVE-2024-57950 - 1 day ago
CVE-2025-21686 - 1 day ago
CVE-2025-21687 - 1 day ago
CVE-2025-21688 - 1 day ago
CVE-2025-21689 - 1 day ago
CVE-2025-21690 - 1 day ago
CVE-2025-21691 - 1 day ago
CVE-2025-21692 - 1 day ago
CVE-2025-21693 - 1 day ago
CVE-2025-24031 - 1 day ago
CVE-2025-24032 - 1 day ago
CVE-2025-24892 - 1 day ago
CVE-2025-25186 - 1 day ago
CVE-2025-1150 - 1 day ago
CVE-2025-1151 - 1 day ago