Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228151 6.8 警告 the-ghost - AWCM の control/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3218 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
228152 7.5 危険 wiccle - iWiccle の admin モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3217 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
228153 4.3 警告 wiccle - iWiccle におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3216 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
228154 3.6 注意 Vtiger - vtiger CRM におけるパーミッション回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3257 2012-12-20 19:28 2008-02-6 Show GitHub Exploit DB Packet Storm
228155 4 警告 Vtiger - vtiger CRM の include/utils/ListViewUtils.php における制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3251 2012-12-20 19:28 2007-10-4 Show GitHub Exploit DB Packet Storm
228156 7.5 危険 php-shop-system - Joomla! 用の IXXO Cart コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3215 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
228157 7.5 危険 raizlabs - PHP eMail Manager の remove.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3209 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
228158 7.5 危険 prakashatma mishra - phpfreeBB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3208 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
228159 4.3 警告 stivaforum - Stiva Forum におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3204 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
228160 4.3 警告 uloki - ULoKI PHP Forum の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3202 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195111 6.1 MEDIUM
Network 		groupsession groupsession_zion
groupsession_bycloud
groupsession 		Open redirect vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSe… CWE-601
Open Redirect 		CVE-2021-20789 2024-11-21 14:47 2021-07-30 Show GitHub Exploit DB Packet Storm
195112 4.3 MEDIUM
Network 		groupsession groupsession_zion
groupsession_bycloud
groupsession 		Server-side request forgery (SSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to … CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-20788 2024-11-21 14:47 2021-07-30 Show GitHub Exploit DB Packet Storm
195113 4.8 MEDIUM
Network 		groupsession groupsession_zion
groupsession_bycloud
groupsession 		Cross-site scripting vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and … CWE-79
Cross-site Scripting 		CVE-2021-20787 2024-11-21 14:47 2021-07-30 Show GitHub Exploit DB Packet Storm
195114 4.3 MEDIUM
Network 		groupsession groupsession_zion
groupsession_bycloud
groupsession 		Cross-site request forgery (CSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to v… CWE-352
 Origin Validation Error 		CVE-2021-20786 2024-11-21 14:47 2021-07-30 Show GitHub Exploit DB Packet Storm
195115 4.8 MEDIUM
Network 		groupsession groupsession_zion
groupsession_bycloud
groupsession 		Cross-site scripting vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and … CWE-79
Cross-site Scripting 		CVE-2021-20785 2024-11-21 14:47 2021-07-30 Show GitHub Exploit DB Packet Storm
195116 8.8 HIGH
Network 		softbank optical_bb_unit_e-wmta_firmware Cross-site request forgery (CSRF) vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page. CWE-352
 Origin Validation Error 		CVE-2021-20783 2024-11-21 14:47 2021-07-30 Show GitHub Exploit DB Packet Storm
195117 6.1 MEDIUM
Network 		voidtools everything HTTP header injection vulnerability in Everything all versions except the Lite version may allow a remote attacker to inject an arbitrary script or alter the website that uses the product via unspeci… NVD-CWE-Other
CVE-2021-20784 2024-11-21 14:47 2021-07-14 Show GitHub Exploit DB Packet Storm
195118 8.8 HIGH
Network 		tipsandtricks-hq software_license_manager Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hijack the authentication of administrators via unspecified vectors. CWE-352
 Origin Validation Error 		CVE-2021-20782 2024-11-21 14:47 2021-07-14 Show GitHub Exploit DB Packet Storm
195119 8.8 HIGH
Network 		pluginus wordpress_meta_data_and_taxonomies_filter Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the authent… CWE-352
 Origin Validation Error 		CVE-2021-20781 2024-11-21 14:47 2021-07-14 Show GitHub Exploit DB Packet Storm
195120 7.5 HIGH
Network 		retty retty Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an exte… CWE-798
 Use of Hard-coded Credentials 		CVE-2021-20748 2024-11-21 14:47 2021-07-14 Show GitHub Exploit DB Packet Storm