Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiweb vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-7736
A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and previous versions, allows malicious users to inject arbitrary web script or HTML via special crafted malicious certificate import.
Fortinet Fortiweb
Fortinet Fortiweb 5.8.0
4.9
CVSSv3
CVE-2017-7737
An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and below versions allows logged-in admin user to view SNMPv3 user password in cleartext in webui via the HTML source code.
Fortinet Fortiweb
6.1
CVSSv3
CVE-2017-3129
A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows malicious user to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature.
Fortinet Fortiweb
4.9
CVSSv3
CVE-2016-5092
Directory traversal vulnerability in Fortinet FortiWeb prior to 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn feature.
Fortinet Fortiweb
8.8
CVSSv3
CVE-2016-4066
Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb prior to 5.5.3 allows remote malicious users to hijack the authentication of administrators for requests that change the password via unspecified vectors.
Fortinet Fortiweb
NA
CVE-2014-8619
Cross-site scripting (XSS) vulnerability in the autolearn configuration page in Fortinet FortiWeb 5.1.2 up to and including 5.3.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Fortinet Fortiweb 5.2.2
Fortinet Fortiweb 5.2.3
Fortinet Fortiweb 5.1.2
Fortinet Fortiweb 5.2.4
Fortinet Fortiweb 5.3.0
Fortinet Fortiweb 5.2.0
Fortinet Fortiweb 5.2.1
Fortinet Fortiweb 5.3.3
Fortinet Fortiweb 5.3.4
Fortinet Fortiweb 5.1.3
Fortinet Fortiweb 5.1.4
Fortinet Fortiweb 5.3.1
Fortinet Fortiweb 5.3.2
NA
CVE-2014-4738
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x prior to 5.2.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) user/ldap_user/check_dlg or (2) user/radius_user/check_dlg.
Fortinet Fortiweb 5.0.2
Fortinet Fortiweb 5.0.3
Fortinet Fortiweb 5.1.1
Fortinet Fortiweb 5.1.2
Fortinet Fortiweb 5.0.4
Fortinet Fortiweb 5.0.0
Fortinet Fortiweb 5.1.0
Fortinet Fortiweb 5.2.0
Fortinet Fortiweb 5.1.3
Fortinet Fortiweb 5.1.4
NA
CVE-2014-3115
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb prior to 5.2.0 allow remote malicious users to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors.
Fortinet Fortiweb 5.1.0
Fortinet Fortiweb 5.1.1
Fortinet Fortiweb 5.1.2
Fortinet Fortiweb 5.1.3
Fortinet Fortiweb
NA
CVE-2014-1956
CRLF injection vulnerability in FortiGuard FortiWeb prior to 5.0.3 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Fortinet Fortiweb
NA
CVE-2014-1957
FortiGuard FortiWeb prior to 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors.
Fortinet Fortiweb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »