Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 12:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227511 5.8 警告 rickard andersson - PunBB 用の imgUpload モジュールを伴う Automatic Image Upload における任意のコンテンツをアップロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6527 2012-12-20 18:34 2007-12-27 Show GitHub Exploit DB Packet Storm
227512 4.3 警告 Tiki Software Community Association - TikiWiki の tiki-special_chars.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6526 2012-12-20 18:34 2007-12-27 Show GitHub Exploit DB Packet Storm
227513 7.5 危険 woltlab - wBB Lite の search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6518 2012-12-20 18:34 2007-12-24 Show GitHub Exploit DB Packet Storm
227514 6.8 警告 ravware - RavWare Software MAS Flic ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6516 2012-12-20 18:34 2007-12-21 Show GitHub Exploit DB Packet Storm
227515 7.5 危険 sitescape - SiteScape Forum の support/dispatch.cgi における任意の TLC コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6515 2012-12-20 18:34 2007-12-21 Show GitHub Exploit DB Packet Storm
227516 5 警告 ウェブセンス - Websense Enterprise におけるコンテンツのフィルタリングを回避される脆弱性 CWE-DesignError
CVE-2007-6511 2012-12-20 18:34 2007-12-21 Show GitHub Exploit DB Packet Storm
227517 6.4 警告 shttpd - Windows 上で稼動している shttpd における任意の CGI プログラムをダウンロードされる脆弱性 CWE-200
情報漏えい 		CVE-2007-6405 2012-12-20 18:34 2007-12-17 Show GitHub Exploit DB Packet Storm
227518 5 警告 shttp - Windows 上で稼動している shttpd におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6404 2012-12-20 18:34 2007-12-17 Show GitHub Exploit DB Packet Storm
227519 6.8 警告 Winamp - Nullsoft Winamp におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6403 2012-12-20 18:34 2007-12-17 Show GitHub Exploit DB Packet Storm
227520 5 警告 poldoc - PolDoc CMS の download_file.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6400 2012-12-20 18:34 2007-12-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199931 2.7 LOW
Network 		lightbend play_framework An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior … NVD-CWE-Other
CVE-2020-28923 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
199932 7.2 HIGH
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious file… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-28939 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
199933 5.4 MEDIUM
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users. CWE-79
Cross-site Scripting 		CVE-2020-28938 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
199934 7.5 HIGH
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Prot… CWE-306
CWE-425
Missing Authentication for Critical Function
 Direct Request ('Forced Browsing') 		CVE-2020-28937 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
199935 9.8 CRITICAL
Network 		adrianmercurio gym_management_system An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable. CWE-89
SQL Injection 		CVE-2020-29288 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
199936 9.8 CRITICAL
Network 		car_rental_management_system_project car_rental_management_system An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php. CWE-89
SQL Injection 		CVE-2020-29287 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
199937 9.8 CRITICAL
Network 		point_of_sales_in_php\/pdo_project point_of_sales_in_php\/pdo SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php. CWE-89
SQL Injection 		CVE-2020-29285 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
199938 9.8 CRITICAL
Network 		multi_restaurant_table_reservation_system_project multi_restaurant_table_reservation_system The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can s… CWE-89
SQL Injection 		CVE-2020-29284 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
199939 9.8 CRITICAL
Network 		online_doctor_appointment_booking_system_php_and_mysql_project online_doctor_appointment_booking_system_php_and_mysql An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php. CWE-89
SQL Injection 		CVE-2020-29283 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
199940 9.8 CRITICAL
Network 		bloodx_project bloodx SQL injection vulnerability in BloodX 1.0 allows attackers to bypass authentication. CWE-89
SQL Injection 		CVE-2020-29282 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm