Vulnerabilities > Fortinet > Fortimanager 300E

DATE CVE VULNERABILITY TITLE RISK
2017-08-11 CVE-2015-3616 SQL Injection vulnerability in Fortinet Fortimanager Firmware
SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to execute arbitrary commands via unspecified parameters.
network
low complexity
fortinet CWE-89
7.5
7.5
2017-08-11 CVE-2015-3615 Cross-site Scripting vulnerability in Fortinet Fortimanager Firmware
Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.
network
fortinet CWE-79
3.5
3.5
2017-08-11 CVE-2015-3614 Information Exposure vulnerability in Fortinet Fortimanager Firmware
Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to obtain arbitrary files via vectors involving another unspecified vulnerability.
network
low complexity
fortinet CWE-200
5.0
5.0