Total
106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5092 | 1 Fortinet | 1 Fortiweb | 2016-07-14 | 4.0 MEDIUM | 4.9 MEDIUM |
| Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn feature. | |||||
| CVE-2014-3115 | 1 Fortinet | 1 Fortiweb | 2015-08-01 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors. | |||||
| CVE-2013-7181 | 1 Fortinet | 1 Fortiweb | 2015-07-27 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter. | |||||
| CVE-2014-1955 | 1 Fortinet | 1 Fortiweb | 2014-07-18 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-1956 | 1 Fortinet | 1 Fortiweb | 2014-07-18 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | |||||
| CVE-2014-1957 | 1 Fortinet | 1 Fortiweb | 2014-07-18 | 6.5 MEDIUM | N/A |
| FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. | |||||