5 matches found
PT-2026-45387
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
CVE-2026-39813
A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via specially crafted HTTP requests...
CVE-2026-39813
Fortinet FortiSandbox is affected by CVE-2026-39813, a path traversal vulnerability that enables privilege escalation via crafted requests (example path traversal: '../filedir'). Affected versions include FortiSandbox 4.4.0–4.4.8 and 5.0.0–5.0.5. Reported impact is high/critical, with potential f...
CVE-2026-27316
The CVE-2026-27316 entry describes an insufficiently protected credentials vulnerability affecting Fortinet FortiSandbox: 5.0.0–5.0.5, FortiSandbox 4.4 (all versions), and FortiSandbox PaaS 5.0.1–5.0.5. Root cause: credentials stored or exposed in a way that can be read via client-side inspection...
PT-2026-32692
Name of the Vulnerable Software and Affected Versions FortiSandbox versions 5.0.0 through 5.0.5 FortiSandbox versions 4.4.0 through 4.4.8 Description A path traversal issue exists where specially crafted HTTP requests can be used to bypass restricted directory access. This flaw allows a remote...