Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228581 6.8 警告 wabbit - Wabbit PHP Gallery の showpic.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2098 2012-12-20 18:19 2007-04-18 Show GitHub Exploit DB Packet Storm
228582 7.5 危険 tsdisplay4xoops - TSD4XOOPS の blocks/tsdisplay4xoops_block2.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2091 2012-12-20 18:19 2007-04-18 Show GitHub Exploit DB Packet Storm
228583 6.8 警告 tumusika evolution - TuMusika Evolution の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2090 2012-12-20 18:19 2007-04-18 Show GitHub Exploit DB Packet Storm
228584 7.5 危険 pl-php - pL-PHP の admin.php における認証を回避される脆弱性 - CVE-2007-2007 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
228585 7.5 危険 pl-php - pL-PHP の login.php における SQL インジェクションの脆弱性 - CVE-2007-2006 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
228586 7.5 危険 raphael limbach - Crea-Book の admin/admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-2000 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
228587 4.3 警告 Youngzsoft - CmailServer WebMail の mail/signup.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1991 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
228588 7.5 危険 sam crew - Sam Crew MyBlog の games.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1990 2012-12-20 18:19 2007-04-12 Show GitHub Exploit DB Packet Storm
228589 4.3 警告 phpecho cms - PHPEcho CMS の kernel/filters.inc.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1988 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
228590 7.5 危険 phpexplorator - phpexplorator の phpexplorator.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1985 2012-12-20 18:19 2007-04-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196461 6.1 MEDIUM
Network 		sap netweaver_as_abap_business_server_pages SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_PHTMLB, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, is vulnerable to reflected Cross-Site Scripting (XSS) via … CWE-79
Cross-site Scripting 		CVE-2020-6213 2024-11-21 14:35 2020-04-25 Show GitHub Exploit DB Packet Storm
196462 5.4 MEDIUM
Network 		sap erp
s\/4hana 		Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do no… CWE-862
 Missing Authorization 		CVE-2020-6212 2024-11-21 14:35 2020-04-25 Show GitHub Exploit DB Packet Storm
196463 6.1 MEDIUM
Network 		sap netweaver_as_abap_business_server_pages SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, does not sufficiently encode user-controlled inputs, resulting in re… CWE-79
Cross-site Scripting 		CVE-2020-6217 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
196464 6.1 MEDIUM
Network 		sap netweaver_as_abap_business_server_pages SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an attacker to redirect users to a malicious site due to insu… CWE-601
Open Redirect 		CVE-2020-6215 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
196465 6.1 MEDIUM
Network 		sap businessobjects_business_intelligence_platform SAP Business Objects Business Intelligence Platform (AdminTools), versions 4.1, 4.2, allows an attacker to redirect users to a malicious site due to insufficient URL validation and steal credentials … CWE-601
Open Redirect 		CVE-2020-6211 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
196466 9.8 CRITICAL
Network 		sap businessobjects_business_intelligence_platform SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext password in the response, leading to Information Disclosure. It involves social engineering in order to ga… CWE-319
CWE-522
Cleartext Transmission of Sensitive Information
 Insufficiently Protected Credentials 		CVE-2020-6195 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
196467 9.3 CRITICAL
Network 		sap commerce_cloud SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and a… CWE-611
XXE 		CVE-2020-6238 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
196468 7.5 HIGH
Network 		sap businessobjects_business_intelligence_platform Under certain conditions, SAP Business Objects Business Intelligence Platform, version 4.1, 4.2, dswsbobje web application allows an attacker to access information which would otherwise be restricted… NVD-CWE-noinfo
CVE-2020-6237 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
196469 7.2 HIGH
Network 		sap landscape_management
adaptive_extensions 		SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of … CWE-269
 Improper Privilege Management 		CVE-2020-6236 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
196470 8.6 HIGH
Network 		sap solution_manager SAP Solution Manager (Diagnostics Agent), version 7.2, does not perform the authentication check for the functionalities of the Collector Simulator, leading to Missing Authentication. CWE-306
Missing Authentication for Critical Function 		CVE-2020-6235 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm