Lucene search
+L

5918 matches found

Fortinet
Fortinet
added 2014/07/10 12:0 a.m.31 views

FortiWeb Cross-Site Scripting Vulnerabilities

...

4.3CVSS6.4AI score0.01161EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Fortinet FortiMail 400 IBE Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

BitComet 0.60 Torrent File Handling Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16311/info BitComet is prone to a buffer-overflow vulnerability. This issue presents itself when the application attempts to process a malformed '.torrent' file. Exploitation of this issue could allow attacker-supplied...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Fortinet FortiGate 2.x/3.0 URL Filtering Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16599/info Fortinet FortiGate is prone to a vulnerability that could allow users to bypass the device's URL filtering. FortiGate devices running FortiOS v2.8MR10 and v3beta are vulnerable to this issue. Other versions may...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Fortinet FortiWeb Web Application Firewall Policy Bypass

No description provided by source. BINAR10 Report on Fortinet Fortiweb Findings 02/05/2012 - Fortinet FortiWeb Web Application Firewall Policy Bypass - ============================================================ 1 Affected Product Fabricant: Fortinet Product name: FortiWeb Version: Latest update...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Fortinet Fortigate CRLF Characters URL Filtering Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27276/info Fortinet Fortigate is prone to a vulnerability that can allow attackers to bypass the device's URL filtering. An attacker can exploit this issue to view unauthorized websites, bypassing certain security...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/20 12:0 a.m.36 views

Fortinet FortiWeb < 5.2.0 Multiple XSRF Vulnerabilities

The remote host running FortiWeb prior to 5.2.0. It is, therefore, affected by multiple cross-site request forgery XSRF vulnerabilities in the web UI due to a lack of XSRF token protection. A remote, unauthenticated attacker could potentially exploit this vulnerability to perform administrative...

6.8CVSS5.3AI score0.01179EPSS
Exploits1References2
NVD
NVD
added 2014/05/08 2:29 p.m.19 views

CVE-2014-3115

Multiple cross-site request forgery CSRF vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors...

6.8CVSS7.2AI score0.01179EPSS
Exploits1References4
Cvelist
Cvelist
added 2014/05/08 2:0 p.m.34 views

CVE-2014-3115

Multiple cross-site request forgery CSRF vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors...

7.1AI score0.01179EPSS
Exploits1References4
CVE
CVE
added 2014/05/08 2:0 p.m.61 views

CVE-2014-3115

Fortinet FortiWeb

6.8CVSS7.3AI score0.01179EPSS
Exploits1References4Affected Software1
CERT
CERT
added 2014/05/07 12:0 a.m.35 views

Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability

Overview Fortinet Fortiweb prior to version 5.2.0 do not sufficiently verify whether a valid request was intentionally provided by the user, which results in a cross-site request forgery CSRF vulnerability. CWE-352 Description CWE-352: Cross-Site Request Forgery CSRF Fortinet Fortiweb prior to...

6.8CVSS7.2AI score0.01179EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.36 views

Fortinet Device Detection

Binary data fortinetversion.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.34 views

Fortinet FortiOS 5.x < 5.0.3 Security Bypass

The remote host is running FortiOS 5.x prior to 5.0.3. It is, therefore, affected by a security bypass vulnerability due to a failure to properly manage the Guest user permission. An attacker could potentially exploit this vulnerability to view, change, or delete records of users from another...

6.5CVSS5.6AI score0.01078EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.34 views

Fortinet FortiOS User Interface Default Credentials

The remote Fortinet FortiOS user interface uses a known set of default credentials. Knowing these, an attacker with access to the service can gain administrative access to the device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.22 views

Fortinet FortiMail < 4.3.4 / 5.0.0 Multiple XSS

The remote host is running FortiMail prior to 4.3.4 / 5.0.0. It is, therefore, affected by multiple cross-site scripting vulnerabilities due to a failure to sanitize user-supplied input in the web UI. Specifically, flaws exist in the 'ipmask', 'username', 'address', and 'url' parameters of the...

4.3CVSS5.2AI score0.02015EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.23 views

Fortinet FortiOS < 4.3.13 / 5.0.3 Multiple XSRF

The remote host is running FortiOS prior to 4.3.13 / 5.0.3. It is, therefore, affected by multiple cross-site request forgery vulnerabilities in web UI pages because they are not protected by XSRF tokens. An attacker could potentially exploit this vulnerability to hijack an authenticated user's...

5.1CVSS5.4AI score0.02286EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.38 views

Fortinet FortiAnalyzer < 4.3.7 / 5.0.5 Multiple XSRF

The remote host is running FortiAnalyzer prior to 4.3.7 / 5.0.5. It is, therefore, affected by multiple cross-site request forgery vulnerabilities due to a failure to validate XSRF tokens in several web UI scripts. An attacker could potentially exploit this vulnerability to hijack an authenticate...

6.8CVSS5.4AI score0.01928EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.42 views

Fortinet FortiOS 5.x < 5.0.6 XSS

The remote host is running FortiOS prior to 5.0.6. It is, therefore, affected by a cross-site scripting vulnerability due to a failure to sanitize user-supplied input to the 'mkey' parameter in the '/firewall/schedule/recurrdlg' URL of the web UI. An attacker could potentially exploit this...

4.3CVSS5.6AI score0.02413EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.44 views

Unsupported Fortinet Hardware and Operating System

According to its version, the remote Fortinet hardware or operating system is obsolete and is no longer being maintained or supported by Fortinet. Lack of support for the hardware implies that future hardware will not be supported in fixes, replacements and that current and future operating syste...

5.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/04/15 12:0 a.m.35 views

Fortinet FortiWeb 5.x < 5.1.0 XSS

The remote host is running FortiWeb 5.x prior to 5.1.0. It is, therefore, affected by a cross-site scripting vulnerability in the web UI due to a failure to sanitize user-supplied input to the 'filter' parameter in the '/user/ldapuser/add' script. An attacker could potentially exploit this...

4.3CVSS5.6AI score0.02413EPSS
Exploits1References2
Rows per page
Query Builder