Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiweb vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-36193
Multiple stack-based buffer overflows in the command line interpreter of FortiWeb prior to 6.4.2 may allow an authenticated malicious user to achieve arbitrary code execution via specially crafted commands.
Fortinet Fortiweb
6.5
CVSSv3
CVE-2019-16157
An information exposure vulnerability in Fortinet FortiWeb 6.2.0 CLI and previous versions may allow an authenticated user to view sensitive information being logged via diagnose debug commands.
Fortinet Fortiweb
8.8
CVSSv3
CVE-2023-34984
A protection mechanism failure in Fortinet FortiWeb 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.6, 6.4.0 up to and including 6.4.3, 6.3.6 up to and including 6.3.23 allows malicious user to execute unauthorized code or commands via specially crafted HTTP reques...
Fortinet Fortiweb
8.1
CVSSv3
CVE-2021-42753
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.x, 6.1.x, 6.0.x, 5.9.x and 5.8.x may allow an authenticated malicious user to perform an arbi...
Fortinet Fortiweb
8.8
CVSSv3
CVE-2021-36179
A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows malicious user to execute unauthorized code or commands via crafted parameters in CLI command execution
Fortinet Fortiweb
8.8
CVSSv3
CVE-2021-36182
A Improper neutralization of special elements used in a command ('Command Injection') in Fortinet FortiWeb version 6.3.13 and below allows malicious user to execute unauthorized code or commands via crafted HTTP requests
Fortinet Fortiweb
6.1
CVSSv3
CVE-2021-36188
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows malicious user to execute unauthorized code or commands via crafted GET parameters in requests to login and error...
Fortinet Fortiweb
7.8
CVSSv3
CVE-2023-25602
A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and previous versions, FortiWeb versions 6.2.6 and previous versions, FortiWeb versions 6.1.2 and previous versions, FortiWeb versions 6.0.7 and previous versions, FortiWeb versions 5.9....
Fortinet Fortiweb
NA
CVE-2014-1458
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard FortiWeb 5.0.3 and previous versions allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors.
Fortinet Fortiweb
NA
CVE-2014-1955
Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb prior to 5.0.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Fortinet Fortiweb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »