6 matches found
CVE-2025-64156
Fortinet FortiVoice contains an SQL injection vulnerability (CVE-2025-64156) due to improper neutralization of special elements in SQL commands. Affected versions: FortiVoice 6.0 (all), 6.4 (all), 7.0.0–7.0.7, and 7.2.0–7.2.2. An authenticated privileged attacker could exploit crafted requests to...
PT-2025-50128
Name of the Vulnerable Software and Affected Versions Fortinet FortiVoice versions 6.0 all versions Fortinet FortiVoice versions 6.4 all versions Fortinet FortiVoice versions 7.0.0 through 7.0.7 Fortinet FortiVoice versions 7.2.0 through 7.2.2 Description The software contains an improper...
CVE-2025-47856
Two improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerabilities CWE-78 in Fortinet FortiVoice version 7.2.0, 7.0.0 through 7.0.6 and before 6.4.10 allows a privileged attacker to execute arbitrary code or commands via crafted HTTP/HTTPS or CLI requests...
EUVD-2024-43233
Malicious code in bioql PyPI...
CVE-2024-48885
A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4....
Fortinet多款产品 路径遍历漏洞
Fortinet FortiWeb and others are products of Fortinet, Inc.Fortinet FortiWeb is a Web application layer firewall, Fortinet FortiRecorder is a Web-based network video recorder management system.Fortinet FortiVoice is a unified communications and collaboration-as-a-service. A path traversal...