CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1957
https://notcve.org/view.php?id=CVE-2014-1957
30 Apr 2014 — FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. FortiGuard FortiWeb anterior a 5.0.3 permite a usuarios remotos autenticados ganar privilegios a través de vectores no especificados. • http://www.fortiguard.com/advisory/FG-IR-13-009 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1458
https://notcve.org/view.php?id=CVE-2014-1458
04 Feb 2014 — Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard FortiWeb 5.0.3 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la interfaz de administración Web en FortiGuard FortiWeb 5.0.3 y anteriores permite a administradores autenticados remotos inyectar script Web o HTML arbitrario a través de vectores no especificados. • http://www.fortiguard.com/advisory/FG-IR-14-001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •