Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226651	7.5	危険	webbdomian	-	WEBBDOMAIN Post Card の choosecard.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6622	2012-12-20 19:10	2009-04-6	Show	GitHub Exploit DB Packet Storm

226652	6.8	警告	sitexs cms	-	SiteXS CMS の adm/visual/upload.php における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6617	2012-12-20 19:10	2009-04-6	Show	GitHub Exploit DB Packet Storm

226653	4.3	警告	Zen Cart	-	Zen Software Zen Cart の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6616	2012-12-20 19:10	2009-04-6	Show	GitHub Exploit DB Packet Storm

226654	7.5	危険	Zen Cart	-	Zen Software Zen Cart の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6615	2012-12-20 19:10	2009-04-6	Show	GitHub Exploit DB Packet Storm

226655	10	危険	picoflat	-	PicoFlat CMS の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6604	2012-12-20 19:10	2009-04-4	Show	GitHub Exploit DB Packet Storm

226656	10	危険	stadtaus	-	Download Center Lite における脆弱性	CWE-noinfo 情報不足	CVE-2008-6602	2012-12-20 19:10	2009-04-3	Show	GitHub Exploit DB Packet Storm

226657	4.3	警告	xmlportal	-	XMLPortal の検索機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6600	2012-12-20 19:10	2009-04-3	Show	GitHub Exploit DB Packet Storm

226658	10	危険	Sangoma	-	WANPIPE における脆弱性	CWE-362 競合状態	CVE-2008-6598	2012-12-20 19:10	2009-04-3	Show	GitHub Exploit DB Packet Storm

226659	4.3	警告	phpcredo	-	PHCDownload の upload/install/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6597	2012-12-20 19:10	2009-04-3	Show	GitHub Exploit DB Packet Storm

226660	5.5	警告	Simple Machines	-	SMF の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6659	2012-12-20 19:10	2008-11-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197051	8.8	HIGH Network	os4ed	opensis	SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The byear parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker c…	CWE-89 SQL Injection	CVE-2020-6119	2024-11-21 14:35	2020-09-1	Show	GitHub Exploit DB Packet Storm

197052	8.8	HIGH Network	os4ed	opensis	SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bmonth parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker …	CWE-89 SQL Injection	CVE-2020-6118	2024-11-21 14:35	2020-09-1	Show	GitHub Exploit DB Packet Storm

197053	8.8	HIGH Network	os4ed	opensis	SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bday parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker ca…	CWE-89 SQL Injection	CVE-2020-6117	2024-11-21 14:35	2020-09-1	Show	GitHub Exploit DB Packet Storm

197054	4.3	MEDIUM Network	sap	abap_platform netweaver_application_server_abap	Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP u…	NVD-CWE-noinfo	CVE-2020-6310	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197055	7.5	HIGH Network	sap	netweaver_application_server_java	SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the atta…	CWE-306 Missing Authentication for Critical Function	CVE-2020-6309	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197056	8.1	HIGH Network	sap	hcm_travel_management	SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of priv…	CWE-862 Missing Authorization	CVE-2020-6301	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197057	4.8	MEDIUM Network	sap	businessobjects_business_intelligence_platform	SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code t…	CWE-79 Cross-site Scripting	CVE-2020-6300	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197058	4.3	MEDIUM Network	sap	abap_platform netweaver_application_server_abap	SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Inform…	NVD-CWE-noinfo	CVE-2020-6299	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197059	8.1	HIGH Network	sap	generic_market_data	SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure val…	CWE-862 Missing Authorization	CVE-2020-6298	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197060	4.4	MEDIUM Local	sap	data_intelligence	Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version - 3.0, allows an attacker to access confidential system configuration information, that should otherwise be …	NVD-CWE-noinfo	CVE-2020-6297	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm