Lucene search
K

5 matches found

GithubExploit
GithubExploit
•added 2026/03/01 7:7 p.m.•211 views

Exploit for SQL Injection in Fortinet Fortiweb

CVE-2025-25257 Detection Engineering Repository !CVEhttps:...

9.8CVSS7.8AI score0.9671EPSS
Exploits18
Exploit DB
Exploit DB
•added 2026/02/04 12:0 a.m.•160 views

FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution

Exploit Title: FortiWeb Fabric Connector 7.6.x - Pre-authentication SQL Injection to Remote Code Execution Date: 2025-10-05 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win, Ubuntu CVE : CVE-2025-25257 Overvi...

9.8CVSS8.6AI score0.9671EPSS
Exploits18
Packet Storm
Packet Storm
•added 2025/12/22 12:0 a.m.•187 views

šŸ“„ FortiWeb Fabric Connector 7.6.x SQL Injection / Remote Code Execution

This proof of concept exploit demonstrates a pre-authentication remote SQL injection vulnerability in Fortinet FortiWeb Fabric Connector versions 7.0 through 7.6.x. The flaw allows unauthenticated attackers to achieve remote code execution through malicious SQL queries in the Authorization header...

9.8CVSS10AI score0.9671EPSS
Exploits18
Packet Storm
Packet Storm
•added 2025/10/06 12:0 a.m.•164 views

šŸ“„ FortiWeb Fabric Connector 7.6.x SQL Injection

FortiWeb Fabric Connector versions 7.6.x suffer from a pre-authentication remote SQL injection vulnerability. Exploit Title: FortiWeb Fabric Connector 7.6.x - Pre-authentication SQL Injection to Remote Code Execution Date: 2025-10-05 Exploit Author: Milad Karimi Ex3ptionaL Contact:...

9.8CVSS9.9AI score0.9671EPSS
Exploits18
BDU FSTEC
BDU FSTEC
•added 2025/07/14 12:0 a.m.•7 views

The vulnerability of the get_fabric_user_by_token() function in the Fabric Connector network interface component of the FortiWeb web application allows a attacker to execute arbitrary code or commands.

The vulnerability of the getfabricuserbytoken function in the Fabric Connector network interface component of the FortiWeb web application is related to the improper handling of HTTP requests with the Authorization header. Exploiting this vulnerability allows a malicious actor to execute arbitrar...

10CVSS8.5AI score0.9671EPSS
Exploits18References6Affected Software1
Rows per page
Query Builder