Lucene search
K

18 matches found

Exploit DB
Exploit DB
added 2026/02/04 12:0 a.m.156 views

FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution

Exploit Title: FortiWeb Fabric Connector 7.6.x - Pre-authentication SQL Injection to Remote Code Execution Date: 2025-10-05 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win, Ubuntu CVE : CVE-2025-25257 Overvi...

9.8CVSS8.6AI score0.9671EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/11/03 9:0 a.m.210 views

Exploit for Improper Validation of Certificate with Host Mismatch in Fortinet Fortiproxy

watchTowr-vs-FortiWeb-CVE-2025-25257 Detection Artifact Gener...

9.8CVSS7.3AI score0.9671EPSS
Exploits18
Packet Storm
Packet Storm
added 2025/10/06 12:0 a.m.162 views

📄 FortiWeb Fabric Connector 7.6.x SQL Injection

FortiWeb Fabric Connector versions 7.6.x suffer from a pre-authentication remote SQL injection vulnerability. Exploit Title: FortiWeb Fabric Connector 7.6.x - Pre-authentication SQL Injection to Remote Code Execution Date: 2025-10-05 Exploit Author: Milad Karimi Ex3ptionaL Contact:...

9.8CVSS9.9AI score0.9671EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/09/21 10:24 a.m.153 views

Exploit for SQL Injection in Fortinet Fortiweb

CVE-2025-25257 Exploits for CVE-2025-25257 released by watchto...

9.8CVSS7AI score0.9671EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/07/19 3:55 p.m.272 views

Exploit for SQL Injection in Fortinet Fortiweb

CVE-2025-25257 - FortiWeb Pre-Auth SQL Injection to RCE 07...

9.8CVSS10AI score0.9671EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/07/19 3:12 a.m.155 views

Exploit for SQL Injection in Fortinet Fortiweb

!Book Coverhttps://m.media-amazon.com/images/I/51J88WafNFL.A...

9.8CVSS10AI score0.9671EPSS
Exploits18
NVD
NVD
added 2025/07/17 4:15 p.m.11 views

CVE-2025-25257

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execu...

9.8CVSS0.9671EPSS
Exploits18References5
Cvelist
Cvelist
added 2025/07/17 3:10 p.m.14 views

CVE-2025-25257

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execu...

9.8CVSS0.9671EPSS
Exploits18References1
Vulnrichment
Vulnrichment
added 2025/07/17 3:10 p.m.8 views

CVE-2025-25257

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execu...

9.8CVSS9.7AI score0.9671EPSS
Exploits18References1
GithubExploit
GithubExploit
added 2025/07/15 10:0 a.m.348 views

Exploit for SQL Injection in Fortinet Fortiweb

🚨 CVE-2025-25257 – FortiWeb SQLi to RCE Critical SQL Injection →...

9.8CVSS10AI score0.9671EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/07/12 2:44 p.m.254 views

Exploit for SQL Injection in Fortinet Fortiweb

CVE-2025-25257 Exploit Tool Credits Based on watchTowr La...

9.8CVSS9.9AI score0.9671EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/07/12 12:5 a.m.145 views

Exploit for SQL Injection in Fortinet Fortiweb

Table of Contents - Overview - Vulnerability D...

9.8CVSS10AI score0.9671EPSS
Exploits18
The Hacker News
The Hacker News
added 2025/07/11 2:38 p.m.20 views

Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An improper...

10CVSS10AI score0.96732EPSS
Exploits30
GithubExploit
GithubExploit
added 2025/07/11 12:9 p.m.236 views

Exploit for SQL Injection in Fortinet Fortiweb

CVE-2025-25257 FortiWeb CVE-2025-25257 ex...

9.8CVSS9.7AI score0.9671EPSS
Exploits18
Packet Storm News
Packet Storm News
added 2025/07/11 12:0 a.m.5 views

FortiWeb SQL Injection / Remote Code Execution

This script attempts to detect if FortiWeb is vulnerable to CVE-2025-25257, a SQL injection vulnerability that can be leveraged for remote code execution...

9.8CVSS9AI score0.9671EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/07/10 5:8 p.m.343 views

Exploit for SQL Injection in Fortinet Fortiweb

watchTowr-vs-FortiWeb-CVE-2025-25257 Detection Artifact Gener...

9.8CVSS9.9AI score0.9671EPSS
Exploits18
Circl
Circl
added 2025/07/09 2:49 p.m.25 views

CVE-2025-25257

creationtimestamp| type| source ---|---|--- 2025-07-09 14:49:29+00:00| seen| https://bsky.app/profile/brianhaddock.bsky.social/post/3ltk2rlcsy626 2025-07-09 17:24:33+00:00| seen| https://bsky.app/profile/r-blueteamsec.bsky.social/post/3ltkdgtrfxx2z 2025-07-10 00:02:32+00:00| seen|...

9.8CVSS7.6AI score0.9671EPSS
In wildExploits18References194
Tenable Nessus
Tenable Nessus
added 2025/07/08 12:0 a.m.33 views

Fortinet FortiWeb sqli (FG-IR-25-151)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-151 advisory. - An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 in FortiWeb may...

9.8CVSS9AI score0.9671EPSS
Exploits18References2
Rows per page
Query Builder