Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-5586
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an malicious user to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests.
Fortinet Fortios
6.1
CVSSv3
CVE-2018-13380
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows malicious user to execute unauthorized malicious script code via the error ...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiproxy 2.0.0
6.1
CVSSv3
CVE-2018-13384
A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote malicious user to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains.
Fortinet Fortios
6.1
CVSSv3
CVE-2012-0941
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x prior to 4.3.6 allow remote malicious users to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Repor...
Fortinet Fortios
6.1
CVSSv3
CVE-2017-14190
A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and previous versions, allows malicious user to inject arbitrary web script or HTML via maliciously crafted "Host" header in user HTTP requests.
Fortinet Fortios
6.1
CVSSv3
CVE-2017-7739
A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated malicious user to inject arbitrary web script or HTML in the context of the victim's browser v...
Fortinet Fortios 5.2.10
Fortinet Fortios 5.2.11
Fortinet Fortios 5.4.0
Fortinet Fortios 5.4.1
Fortinet Fortios 5.2.6
Fortinet Fortios 5.2.8
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.5
Fortinet Fortios 5.2.1
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.3
Fortinet Fortios 5.2.4
Fortinet Fortios 5.6.0
Fortinet Fortios 5.2.0
Fortinet Fortios 5.2.5
Fortinet Fortios 5.2.7
Fortinet Fortios 5.2.9
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.4
6.1
CVSSv3
CVE-2017-7733
A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated malicious user to execute arbitrary javascript code via webUI "Login Disclaimer" redir parameter.
Fortinet Fortios 5.4.0
Fortinet Fortios 5.4.1
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.5
Fortinet Fortios 5.4.4
Fortinet Fortios 5.6.0
6.1
CVSSv3
CVE-2017-3132
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to Execute unauthorized code or commands via the action input during the activation of a FortiToken.
Fortinet Fortios
1 EDB exploit
6.1
CVSSv3
CVE-2017-3133
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.
Fortinet Fortios
1 EDB exploit
6.1
CVSSv3
CVE-2017-3127
A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 up to and including 5.2.10 allows malicious user to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation.
Fortinet Fortios 5.2.3
Fortinet Fortios 5.2.4
Fortinet Fortios 5.2.1
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.9
Fortinet Fortios 5.2.10
Fortinet Fortios 5.2.0
Fortinet Fortios 5.2.7
Fortinet Fortios 5.2.8
Fortinet Fortios 5.2.5
Fortinet Fortios 5.2.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »