3 matches found
Path traversal
A relative path traversal vulnerability CWE-23 in FortiWeb version 7.0.1 and below, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests...
Path traversal
A path traversal vulnerability CWE-23 in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially...
CVE-2023-23779
Multiple improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerabilities CWE-78 in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted...