Cyber News

Multiple authenticated SQL injection via extraParam

09/12/2025

CVSSv3 Score: 6.8

An improper neutralization of special elements used in an SQL command (‘SQL injection’) [CWE-89] in FortiVoice may allow an authenticated privileged attacker to execute unauthorized code or commands via crafted requests.

Revised on 2025-12-09 00:00:00

– Read more

Monday	08:00 - 17:00
Tuesday	08:00 - 17:00
Wednesday	08:00 - 17:00
Thursday	08:00 - 17:00
Friday	08:00 - 17:00

Multiple authenticated SQL injection via extraParam

Latest article

VoidLink Framework Enables On-Demand Tool Generation with Windows Plugin Support

North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

CVE volumes may plausibly reach 100,000 this year

North Korean actors blend ClickFix with new macOS backdoors in Crypto campaign

EDITOR PICKS

VoidLink Framework Enables On-Demand Tool Generation with Windows Plugin Support

CVE volumes may plausibly reach 100,000 this year

North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

POPULAR POSTS

Threats to users of adult websites in 2018

The World’s Most Popular Coding Language Happens to be Most Hackers’...

IT threat evolution Q2 2019

POPULAR CATEGORY

VoidLink Framework Enables On-Demand Tool Generation with Windows Plugin Support

North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

CVE volumes may plausibly reach 100,000 this year