Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:45 p.m.7 views

CVE-2020-29015

A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement...

9.8CVSS8.6AI score0.02567EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/10/26 12:0 a.m.11 views

Fortinet FortiWeb sqli (FG-IR-20-124)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-124 advisory. - A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an...

9.8CVSS9.3AI score0.02567EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2021/08/18 3:41 a.m.10393 views

Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF

Details have emerged about a new unpatched security vulnerability in Fortinet's web application firewall WAF appliances that could be abused by a remote, authenticated attacker to execute malicious commands on the system. "An OS command injection vulnerability in FortiWeb's management interface...

9.8CVSS1AI score0.99999EPSS
Exploits25
Circl
Circl
added 2021/01/14 6:49 p.m.11 views

CVE-2020-29015

creationtimestamp| type| source ---|---|--- 2021-01-14 18:49:45+00:00| seen| https://t.me/cibsecurity/22163 2021-06-02 06:43:38+00:00| seen| https://t.me/ptswarm/43 2024-11-14 06:09:42+00:00| seen| MISP/4acf1d49-6b23-4d04-9888-244468b25710...

9.8CVSS8.9AI score0.02567EPSS
Exploits1References2
CVE
CVE
added 2021/01/14 4:7 p.m.102 views

CVE-2020-29015

CVE-2020-29015 describes a blind SQL injection in Fortinet FortiWeb’s UI that affects FortiWeb versions 6.3.0–6.3.7 and versions prior to 6.2.4. The vulnerability allows an unauthenticated, remote attacker to craft an Authorization header containing malicious SQL to execute arbitrary queries or c...

9.8CVSS9.9AI score0.02567EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder