Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229081	9	危険	vikingboard	-	Vikingboard の admin.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6284	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229082	4.3	警告	vikingboard	-	Vikingboard におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6283	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229083	9.3	危険	vikingboard	-	Vikingboard の members.php における強制 SQL エラーを誘発される脆弱性	-	CVE-2006-6282	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229084	6.8	警告	phpoll	-	PHPOLL におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6271	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229085	7.8	危険	postnuke software foundation	-	PostNuke における重要な情報を取得される脆弱性	-	CVE-2006-6267	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229086	6.4	警告	phpjunkyard	-	PHPJunkYard MBoard の mboard.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6262	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229087	9.3	危険	quinnware	-	Quintessential Player におけるバッファオーバーフローの脆弱性	-	CVE-2006-6261	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229088	7.5	危険	redbinaria	-	Redbinaria SIAP の login.asp における SQL インジェクションの脆弱性	-	CVE-2006-6260	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229089	7.5	危険	vuplayer	-	VUPlayer におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-6251	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

229090	7.8	危険	songbird	-	Songbird Media Player におけるフォーマットストリングの脆弱性	-	CVE-2006-6250	2012-12-20 18:02	2006-12-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198121	9.8	CRITICAL Network	bloofox	bloofoxcms	File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-36082	2024-11-21 14:28	2023-08-11	Show	GitHub Exploit DB Packet Storm

198122	8.8	HIGH Network	wuzhicms	wuzhicms	An issue was disocvered in wuzhicms version 4.1.0, allows remote attackers to execte arbitrary code via the setting parameter to the ueditor in index.php.	NVD-CWE-noinfo	CVE-2020-36037	2024-11-21 14:28	2023-08-11	Show	GitHub Exploit DB Packet Storm

198123	9.8	CRITICAL Network	school_faculty_scheduling_system_project	school_faculty_scheduling_system	SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via craft…	CWE-89 SQL Injection	CVE-2020-36034	2024-11-21 14:28	2023-08-11	Show	GitHub Exploit DB Packet Storm

198124	5.5	MEDIUM Local	freedesktop	poppler	An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.	CWE-476 NULL Pointer Dereference	CVE-2020-36024	2024-11-21 14:28	2023-08-11	Show	GitHub Exploit DB Packet Storm

198125	6.5	MEDIUM Network	freedesktop	poppler	An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2020-36023	2024-11-21 14:28	2023-08-11	Show	GitHub Exploit DB Packet Storm

198126	8.8	HIGH Network	flycms_project	flycms	Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save.	CWE-352 Origin Validation Error	CVE-2020-36065	2024-11-21 14:28	2023-05-8	Show	GitHub Exploit DB Packet Storm

198127	9.8	CRITICAL Network	thecontrolgroup	voyager	Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media component.	CWE-281 Improper Preservation of Permissions	CVE-2020-36070	2024-11-21 14:28	2023-04-27	Show	GitHub Exploit DB Packet Storm

198128	8.8	HIGH Network	tailor_mangement_system_project	tailor_mangement_system	SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file	CWE-89 SQL Injection	CVE-2020-36077	2024-11-21 14:28	2023-04-10	Show	GitHub Exploit DB Packet Storm

198129	8.8	HIGH Network	tailor_mangement_system_project	tailor_mangement_system	SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the title parameter.	CWE-89 SQL Injection	CVE-2020-36074	2024-11-21 14:28	2023-04-7	Show	GitHub Exploit DB Packet Storm

198130	8.8	HIGH Network	tailor_management_system_project	tailor_management_system	SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the detail parameter of the document.php page.	CWE-89 SQL Injection	CVE-2020-36073	2024-11-21 14:28	2023-04-7	Show	GitHub Exploit DB Packet Storm