4 matches found
CVE-2022-30300
A relative path traversal vulnerability CWE-23 in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests...
Fortinet FortiWeb Path traversal in API handler (FG-IR-22-136)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-136 advisory. - A relative path traversal vulnerability CWE-23 in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may...
CVE-2022-30300
A relative path traversal vulnerability CWE-23 in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests...
CVE-2022-30300
CVE-2022-30300 is a relative path traversal vulnerability in FortiWeb affecting 6.3.6–6.3.18, all 6.4 versions, and 7.0.0–7.0.1. The issue arises in the API handler, allowing an authenticated attacker to access files and data via crafted HTTP GET requests. References include FortiGuard FG-IR-22-1...