Known vulnerabilities in Fortinet, Inc FortiWeb 6.3.0

Vendor: Fortinet, Inc

Website: https://www.fortinet.com/

Total Security Bulletins: 30

Security bulletins (30)

Secuity bulletin	Severity	Status	Published
SB2025012103: Authenticated SQL injection in FortiWeb	Low	Patched	21.01.2025
SB2024111418: Information disclosure in FortiWeb	Low	Patched	14.11.2024
SB20240709122: MitM attack in FortiWeb	Medium	Patched	09.07.2024
SB2024051630: Information disclosure in FortiWeb	Low	Patched	16.05.2024
SB2023121849: Log injection in FortiWeb	Medium	Patched	18.12.2023
SB2023070504: Denial of service in multiple Fortinet products firmware upgrade function	Low	Patched	05.07.2023
SB2023041322: Stored XSS in FortiWeb	Medium	Patched	13.04.2023
SB2023030947: Arbitrary file read in FortiWeb and FortiRecorder	Low	Patched	09.03.2023
SB2023021731: Multiple vulnerabilities in FortiWeb	Medium	Patched	17.02.2023
SB2023021704: Padding oracle in cookie encryption in FortiWeb	Low	Patched	17.02.2023
SB2023021680: Privilege escalation in FortiWeb	Medium	Patched	16.02.2023
SB2023021682: Path traversal in FortiWeb API	Medium	Patched	16.02.2023
SB2023021683: Path traversal in FortiWeb	Low	Patched	16.02.2023
SB2023021685: Privilege escalation in FortiWeb CLI	Low	Patched	16.02.2023
SB2023021686: Session fixation in FortiWeb	Medium	Patched	16.02.2023
SB2023021687: Remote code execution in FortiWeb Proxyd	High	Patched	16.02.2023
SB2022090661: SQL injection in FortiWeb	Low	Patched	06.09.2022
SB2022040428: Denial of service in FortiWeb OpenSSL library	Medium	Patched	04.04.2022
SB2022020172: Multiple vulnerabilities in Fortinet FortiWeb	High	Patched	01.02.2022
SB2021120720: Information disclosure in FortiSandbox, FortiWeb and FortiADC	Medium	Patched	07.12.2021
SB2021090714: Buffer overflow in FortiWeb	Medium	Patched	07.09.2021
SB2021090713: Remote OS commands execution in FortiWeb	Medium	Patched	07.09.2021
SB2021081913: OS command injection in FortiWeb	Medium	Patched	19.08.2021
SB2021060119: Remote command execution in Fortinet FortiWeb	Medium	Patched Public exploit	01.06.2021
SB2021040618: Information disclosure in FortiWeb	Medium	Patched	06.04.2021
SB2021020334: XSS in Fortinet FortiWeb	Medium	Patched	03.02.2021
SB2021010515: SQL injection in Fortinet FortiWeb	High	Patched	05.01.2021
SB2021010514: Denial of service in Fortinet FortiWeb	Medium	Patched	05.01.2021
SB2021010513: Remote code execution in Fortinet FortiWeb	High	Patched	05.01.2021
SB2021010512: Format string vulnerability in Fortinet FortiWeb	Medium	Patched	05.01.2021