A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement.
Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!
More Stories
SonicWall Investigating Zero-Day Attacks Against Its Products
Intel Investigating Hack of Confidential Financial Report
DDoS Attackers Revive Old Campaigns to Extort Ransom