Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228451 7.5 危険 phpweather - PHP Weather の test.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5771 2012-12-20 19:10 2008-12-30 Show GitHub Exploit DB Packet Storm
228452 4.3 警告 phpweather - PHP Weather の config/make_config.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5770 2012-12-20 19:10 2008-12-30 Show GitHub Exploit DB Packet Storm
228453 7.5 危険 sirium - XOOPS 用の AM Events モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5768 2012-12-20 19:10 2008-12-30 Show GitHub Exploit DB Packet Storm
228454 6.8 警告 phparanoid - PHParanoid におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-5758 2012-12-20 19:10 2008-12-30 Show GitHub Exploit DB Packet Storm
228455 3.5 注意 Textpattern - Textpattern の textarea/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5757 2012-12-20 19:10 2008-12-30 Show GitHub Exploit DB Packet Storm
228456 4.3 警告 WordPress.org - WordPress 用の Page Flip Image Gallery プラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5752 2012-12-20 19:10 2008-12-30 Show GitHub Exploit DB Packet Storm
228457 7.5 危険 Pligg - Pligg CMS の evb/check_url.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5739 2012-12-20 19:10 2008-12-26 Show GitHub Exploit DB Packet Storm
228458 7.5 危険 PHP-Fusion - PHP-Fusion 用の Team Impact TI Blog System モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5733 2012-12-20 19:10 2008-12-26 Show GitHub Exploit DB Packet Storm
228459 7.5 危険 stormboards aaronnemisis - stormBoards の thread.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5726 2012-12-20 19:10 2008-12-26 Show GitHub Exploit DB Packet Storm
228460 10 危険 sawstudio - SAWStudio におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5722 2012-12-20 19:10 2008-12-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208841 9.8 CRITICAL
Network 		ed01-cms_project ed01-cms An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-18261 2024-11-21 14:08 2021-11-4 Show GitHub Exploit DB Packet Storm
208842 6.1 MEDIUM
Network 		ed01-cms_project ed01-cms ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML… CWE-79
Cross-site Scripting 		CVE-2020-18259 2024-11-21 14:08 2021-11-4 Show GitHub Exploit DB Packet Storm
208843 9.8 CRITICAL
Network 		phpok phpok Buffer overflow vulnerability in framework/init.php in qinggan phpok 5.1, allows attackers to execute arbitrary code. CWE-120
Classic Buffer Overflow 		CVE-2020-18440 2024-11-21 14:08 2021-11-3 Show GitHub Exploit DB Packet Storm
208844 9.1 CRITICAL
Network 		phpok phpok An issue was discoverered in in function edit_save_f in framework/admin/tpl_control.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell. NVD-CWE-noinfo
CVE-2020-18439 2024-11-21 14:08 2021-11-3 Show GitHub Exploit DB Packet Storm
208845 7.5 HIGH
Network 		phpok phpok Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive information, via the title parameter to admin.php. CWE-22
Path Traversal 		CVE-2020-18438 2024-11-21 14:08 2021-11-3 Show GitHub Exploit DB Packet Storm
208846 5.3 MEDIUM
Network 		liftoffsoftware gate_one An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list. CWE-290
 Authentication Bypass by Spoofing 		CVE-2020-19003 2024-11-21 14:08 2021-10-6 Show GitHub Exploit DB Packet Storm
208847 9.8 CRITICAL
Network 		atlassian floodlight Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs. CWE-20
 Improper Input Validation  		CVE-2020-18685 2024-11-21 14:08 2021-09-30 Show GitHub Exploit DB Packet Storm
208848 9.8 CRITICAL
Network 		atlassian floodlight Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number. CWE-190
 Integer Overflow or Wraparound 		CVE-2020-18684 2024-11-21 14:08 2021-09-30 Show GitHub Exploit DB Packet Storm
208849 9.8 CRITICAL
Network 		atlassian floodlight Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling. CWE-20
 Improper Input Validation  		CVE-2020-18683 2024-11-21 14:08 2021-09-30 Show GitHub Exploit DB Packet Storm
208850 8.8 HIGH
Network 		laiketui laiketui Cross Site Request Forgery (CSRF) in LaikeTui v3 allows remote attackers to execute arbitrary code via the component '/index.php?module=member&action=add'. CWE-352
 Origin Validation Error 		CVE-2020-19159 2024-11-21 14:08 2021-09-15 Show GitHub Exploit DB Packet Storm