2 matches found
PT-2023-1737 · Fortinet · Fortiweb +1
Name of the Vulnerable Software and Affected Versions: FortiWeb versions 6.0 through 6.4.1 FortiRecorder versions 2.7 through 6.4.3 Description: The issue is related to an incomplete filtering of one or more instances of special elements in the command line interpreter. This may allow an...
Path traversal
A path traversal vulnerability CWE-23 in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially...