Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228691 8.5 危険 WordPress.org - WordPress MU および WordPress の wp-admin/options.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5695 2012-12-20 19:10 2008-12-19 Show GitHub Exploit DB Packet Storm
228692 10 危険 sandbox - Sandbox の lib/jpgraph/jpgraph_errhandler.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5694 2012-12-20 19:10 2008-12-19 Show GitHub Exploit DB Packet Storm
228693 6.5 警告 phparanoid - PHParanoid における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5673 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
228694 6.8 警告 phparanoid - PHParanoid におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-5672 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
228695 6.8 警告 Textpattern - Textpattern におけるセッションのハイジャック後パスワードを変更される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-5670 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
228696 5 警告 Textpattern - Textpattern のコメントプレビューセクションにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5669 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
228697 4.3 警告 Textpattern - Textpattern におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5668 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
228698 5 警告 VirusBlokAda Ltd. - VirusBlokAda VBA32 Personal Antivirus のスキャンエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5667 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
228699 3.5 注意 WING FTP software - WinFTP FTP Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5666 2012-12-20 18:52 2008-12-18 Show GitHub Exploit DB Packet Storm
228700 7.5 危険 XOOPS - XOOPS の xhresim モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5665 2012-12-20 18:52 2008-12-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
208721 5.4 MEDIUM
Network 		issuehunt boostnote In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks. CWE-79
Cross-site Scripting 		CVE-2020-19924 2024-11-21 14:09 2021-05-19 Show GitHub Exploit DB Packet Storm
208722 5.3 MEDIUM
Network 		dhcms_project dhcms An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path. CWE-209
Information Exposure Through an Error Message 		CVE-2020-19275 2024-11-21 14:09 2021-05-13 Show GitHub Exploit DB Packet Storm
208723 6.1 MEDIUM
Network 		dhcms_project dhcms A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code. CWE-79
Cross-site Scripting 		CVE-2020-19274 2024-11-21 14:09 2021-05-13 Show GitHub Exploit DB Packet Storm
208724 8.8 HIGH
Network 		phpok phpok A Cross Site Request Forgery (CSRF) vulnerability exists in PHPOK 5.2.060 via admin.php?c=admin&f=save, which could let a remote malicious user execute arbitrary code. CWE-352
 Origin Validation Error 		CVE-2020-19199 2024-11-21 14:09 2021-05-11 Show GitHub Exploit DB Packet Storm
208725 9.8 CRITICAL
Network 		shopxo shopxo Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in "/index.php" by manipulating the parameter "user_id" in the HTML request. NVD-CWE-Other
CVE-2020-19778 2024-11-21 14:09 2021-04-14 Show GitHub Exploit DB Packet Storm
208726 9.8 CRITICAL
Network 		coreftp core_ftp Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a crafted username. CWE-120
Classic Buffer Overflow 		CVE-2020-19596 2024-11-21 14:09 2021-04-6 Show GitHub Exploit DB Packet Storm
208727 7.5 HIGH
Network 		coreftp core_ftp Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a crafted username. CWE-120
Classic Buffer Overflow 		CVE-2020-19595 2024-11-21 14:09 2021-04-6 Show GitHub Exploit DB Packet Storm
208728 5.4 MEDIUM
Network 		mblog_project mblog Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile. CWE-79
Cross-site Scripting 		CVE-2020-19619 2024-11-21 14:09 2021-04-2 Show GitHub Exploit DB Packet Storm
208729 5.4 MEDIUM
Network 		mblog_project mblog Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing. CWE-79
Cross-site Scripting 		CVE-2020-19618 2024-11-21 14:09 2021-04-2 Show GitHub Exploit DB Packet Storm
208730 5.4 MEDIUM
Network 		mblog_project mblog Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile. CWE-79
Cross-site Scripting 		CVE-2020-19617 2024-11-21 14:09 2021-04-2 Show GitHub Exploit DB Packet Storm