Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiportal vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2021-36181
A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal prior to 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inco...
Fortinet Fortiportal
4.3
CVSSv2
CVE-2021-32602
An improper neutralization of input during web page generation vulnerability (CWE-79) in FortiPortal GUI 6.0.4 and below, 5.3.6 and below, 5.2.6 and below, 5.1.2 and below, 5.0.3 and below, 4.2.2 and below, 4.1.2 and below, 4.0.4 and below may allow a remote and unauthenticated m...
Fortinet Fortiportal
4
CVSSv2
CVE-2021-36168
A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x prior to 6.0.5, FortiPortal 5.3.x prior to 5.3.6 and any FortiPortal prior to 6.2.5 allows authenticated malicious user to disclosure information via crafted GET...
Fortinet Fortiportal
6.8
CVSSv2
CVE-2021-36171
The use of a cryptographically weak pseudo-random number generator in the password reset feature of FortiPortal prior to 6.0.6 may allow a remote unauthenticated malicious user to predict parts of or the whole newly generated password within a given time frame.
Fortinet Fortiportal
5
CVSSv2
CVE-2021-36174
A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal prior to 6.0.6 may allow an malicious user to perform a denial of service attack via specially crafted license blobs.
Fortinet Fortiportal
4.3
CVSSv2
CVE-2021-36176
Multiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal prior to 6.0.6 may allow a single low-privileged user to induce a denial of service via multiple HTTP requests.
Fortinet Fortiportal
9
CVSSv2
CVE-2021-32590
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 up to and including 6.0.4, 5.3.0 up to and including 5.3.5, 5.2.0 up to and including 5.2.5, and 4.2.2 and previous versions may allow an attacker with regular user...
Fortinet Fortiportal
4
CVSSv2
CVE-2021-32595
Multiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal prior to 6.0.6 may allow a single low-privileged user to induce a denial of service via multiple HTTP requests.
Fortinet Fortiportal
10
CVSSv2
CVE-2021-32588
A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated malicious user to execute unauthorized commands as root by uploading and deploying ma...
Fortinet Fortiportal
5.5
CVSSv2
CVE-2021-32594
An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 up to and including 6.0.4, 5.3.0 up to and including 5.3.5, 5.2.0 up to and including 5.2.5, and 4.2.2 and previous versions may allow a low-privileged user to potentially tamper with the underlyi...
Fortinet Fortiportal
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »