Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226271 7.5 危険 shock-therapy - RSMScript における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-6743 2012-12-20 19:10 2009-04-22 Show GitHub Exploit DB Packet Storm
226272 7.5 危険 Simple Machines - SMF の Load.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6741 2012-12-20 19:10 2009-04-21 Show GitHub Exploit DB Packet Storm
226273 7.5 危険 toddwoolums - Todd Woolums ASP Download 管理スクリプトにおける管理者権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-6739 2012-12-20 19:10 2009-04-21 Show GitHub Exploit DB Packet Storm
226274 5.8 警告 thaiquickcart - ThaiQuickCart の qc/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6735 2012-12-20 19:10 2009-04-21 Show GitHub Exploit DB Packet Storm
226275 6.8 警告 phpmotion - PHPmotion の password.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6729 2012-12-20 19:10 2009-04-20 Show GitHub Exploit DB Packet Storm
226276 7.5 危険 PHPNUKE - PHP-Nuke の Sections モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6728 2012-12-20 19:10 2009-04-20 Show GitHub Exploit DB Packet Storm
226277 7.5 危険 turnkeyforms - TurnkeyForms Entertainment Portal における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-6723 2012-12-20 19:10 2009-04-14 Show GitHub Exploit DB Packet Storm
226278 7.5 危険 uochm - U&M Software Event Lister における脆弱性 CWE-287
不適切な認証 		CVE-2008-6719 2012-12-20 19:10 2009-04-13 Show GitHub Exploit DB Packet Storm
226279 7.5 危険 uochm - U&M Software JustBookIt における脆弱性 CWE-287
不適切な認証 		CVE-2008-6718 2012-12-20 19:10 2009-04-13 Show GitHub Exploit DB Packet Storm
226280 7.5 危険 uochm - U&M Software Signup における脆弱性 CWE-287
不適切な認証 		CVE-2008-6717 2012-12-20 19:10 2009-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199741 6.1 MEDIUM
Network 		roundcube
fedoraproject
debian 		webmail
fedora
debian_linux 		An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference el… CWE-79
Cross-site Scripting 		CVE-2020-35730 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199742 7.5 HIGH
Network 		joomla joomla\! An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations. CWE-20
 Improper Input Validation  		CVE-2020-35616 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199743 6.3 MEDIUM
Network 		joomla joomla\! An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability. CWE-352
 Origin Validation Error 		CVE-2020-35615 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199744 5.3 MEDIUM
Network 		joomla joomla\! An issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper handling of the username leads to a user enumeration attack vector in the backend login page. NVD-CWE-noinfo
CVE-2020-35614 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199745 9.8 CRITICAL
Network 		joomla joomla\! An issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list. CWE-89
SQL Injection 		CVE-2020-35613 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199746 7.5 HIGH
Network 		joomla joomla\! An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability. CWE-22
Path Traversal 		CVE-2020-35612 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199747 7.5 HIGH
Network 		joomla joomla\! An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values. CWE-200
Information Exposure 		CVE-2020-35611 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199748 7.5 HIGH
Network 		joomla joomla\! An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms. NVD-CWE-noinfo
CVE-2020-35610 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199749 8.8 HIGH
Network 		woocommerce gift_cards Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift C… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-35627 2024-11-21 14:27 2020-12-29 Show GitHub Exploit DB Packet Storm
199750 6.1 MEDIUM
Local 		wavpack
debian
fedoraproject 		wavpack
debian_linux
fedora 		WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" re… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2020-35738 2024-11-21 14:27 2020-12-28 Show GitHub Exploit DB Packet Storm