Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:fortinet_fortiweb:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductFortinet Fortiweb (45df1c83-a008-5c39-b994-509c52b61639)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-6646 vulnerable 2026-06-08 05:26:45.592674 Details available
An improper neutralization of input vulnerability in FortiWeb allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the Disclaimer Description of a Replacement Message.
Published: 2020-03-17T12:49:51.000Z
Updated: 2024-10-25T14:02:22.816Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-29019 vulnerable 2026-06-08 05:23:56.761726 Details available
A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.
Published: 2021-01-14T16:01:57.000Z
Updated: 2024-10-25T14:23:58.898Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-29015 vulnerable 2026-06-08 05:23:56.755000 Details available
A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement.
Published: 2021-01-14T16:07:20.000Z
Updated: 2024-10-25T14:23:13.381Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.