Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiweb 6.3.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-42761
A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 up to and including 6.3.16, 6.2.0 up to and including 6.2.6, 6.1.0 up to and including 6.1.2, 6.0.0 up to and including 6.0.7, 5.9.0 up to and including...
Fortinet Fortiweb
NA
CVE-2022-43955
An improper neutralization of input during web page generation [CWE-79] in the FortiWeb web interface 7.0.0 up to and including 7.0.3, 6.3.0 up to and including 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remo...
Fortinet Fortiweb
578
VMScore
CVE-2020-29018
A format string vulnerability in FortiWeb 6.3.0 up to and including 6.3.5 may allow an authenticated, remote malicious user to read the content of memory and retrieve sensitive data via the redir parameter.
Fortinet Fortiweb
356
VMScore
CVE-2021-41026
A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 up to and including 6.3.15 may allow an authenticated malicious user to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
Fortinet Fortiweb
383
VMScore
CVE-2021-22122
An improper neutralization of input during web page generation in FortiWeb GUI interface 6.3.0 up to and including 6.3.7 and version prior to 6.2.4 may allow an unauthenticated, remote malicious user to perform a reflected cross site scripting attack (XSS) by injecting malicious ...
Fortinet Fortiweb
1 Github repository
668
VMScore
CVE-2020-29015
A blind SQL injection in the user interface of FortiWeb 6.3.0 up to and including 6.3.7 and version prior to 6.2.4 may allow an unauthenticated, remote malicious user to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing ...
Fortinet Fortiweb
445
VMScore
CVE-2020-29019
A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 up to and including 6.3.7 and version prior to 6.2.4 may allow a remote, unauthenticated malicious user to crash the httpd daemon thread by sending a request with a crafted cookie header.
Fortinet Fortiweb
668
VMScore
CVE-2020-29016
A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 up to and including 6.3.5 and version prior to 6.2.4 may allow an unauthenticated, remote malicious user to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a ...
Fortinet Fortiweb
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2