2025-01-14 14:10:00
fortinet
PUBLISHED
An improper neutralization of special elements used in an sql command (sql injection) vulnerability [CWE-88] in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection attack via sending crafted HTTP or HTTPS requests