Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:34 a.m.11 views

CVE-2023-48788

A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets...

9.8CVSS9.8AI score0.97591EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/03/26 4:54 a.m.91 views

CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday placed three security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerabilities added are as follows - CVE-2023-48788 CVSS score: 9.3 - Fortinet FortiClient EMS SQL...

10CVSS10AI score0.99934EPSS
Exploits44
GithubExploit
GithubExploit
added 2024/03/18 8:50 p.m.658 views

Exploit for SQL Injection in Fortinet Forticlient_Enterprise_Management_Server

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerab...

9.8CVSS10AI score0.97591EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/03/14 4:21 a.m.103 views

Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. "An improper neutralization of special elements used in an SQL Command 'SQL Injection' vulnerability CWE-89 in FortiClientEMS may allow a...

9.8CVSS9.8AI score0.97591EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2024/03/14 12:0 a.m.72 views

Fortinet FortiClient EMS 7.0.x < 7.0.11 / 7.2.x < 7.2.3 (FG-IR-24-007)

The version of Fortinet FortiClient EMS installed on the remote host is prior to 7.0.11 or 7.2.3. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-007 advisory. - A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet...

9.8CVSS7.5AI score0.97591EPSS
Exploits4References2
Circl
Circl
added 2024/03/12 4:26 p.m.9 views

CVE-2023-48788

creationtimestamp| type| source ---|---|--- 2024-03-12 16:26:39+00:00| seen| https://t.me/ctinow/205806 2024-03-12 16:32:08+00:00| seen| https://t.me/ctinow/205822 2024-03-13 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1246 2024-03-13 15:30:05+00:00| seen|...

9.8CVSS7.1AI score0.97591EPSS
Exploits4References70
CVE
CVE
added 2024/03/12 3:9 p.m.488 views

CVE-2023-48788

CVE-2023-48788 — Fortinet FortiClient EMS SQLi affects FortiClient EMS servers (versions 7.2.0–7.2.2 and 7.0.1–7.0.10). Root cause: improper neutralization of input in the FCTUID header allows an SQL injection over crafted packets, enabling an unauthenticated attacker to enable xp_cmdshell and ac...

9.8CVSS9.7AI score0.97591EPSS
In wildExploits4References2Affected Software1
Rows per page
Query Builder