Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229161	7.5	危険	WordPress.org	-	WordPress 用の AdServe プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0507	2012-12-20 18:34	2008-01-31	Show	GitHub Exploit DB Packet Storm

229162	5.8	警告	加藤和良	-	phpMyClub におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0501	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

229163	7.5	危険	WordPress.org	-	WordPress 用の fGallery プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0491	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

229164	7.5	危険	WordPress.org	-	WordPress 用の WP-Cal プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0490	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

229165	7.5	危険	vb marketing	-	VB Marketing の tseekdir.cgi におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0488	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

229166	7.5	危険	the net guys	-	ASPired2Protect の login.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0487	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

229167	5	警告	webwiz	-	Web Wiz Rich Text Editor の RTE_file_browser.asp におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0481	2012-12-20 18:34	2008-01-29	Show	GitHub Exploit DB Packet Storm

229168	5	警告	webwiz	-	Web Wiz Forums におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0480	2012-12-20 18:34	2008-01-29	Show	GitHub Exploit DB Packet Storm

229169	5	警告	webwiz	-	Web Wiz NewsPad の RTE_file_browser.asp におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0479	2012-12-20 18:34	2008-01-29	Show	GitHub Exploit DB Packet Storm

229170	6.8	警告	setcms	-	SetCMS の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0478	2012-12-20 18:34	2008-01-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209381	6.5	MEDIUM Adjacent	tesla	model_3_firmware	Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue	NVD-CWE-noinfo	CVE-2020-15912	2024-11-21 14:06	2020-07-24	Show	GitHub Exploit DB Packet Storm

209382	8.8	HIGH Network	softwareupdate_project	softwareupdate	A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter o…	CWE-89 SQL Injection	CVE-2020-15887	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

209383	8.8	HIGH Network	reportdata_project	reportdata	A SQL injection vulnerability in reportdata_controller.php in the reportdata module before 3.5 for MunkiReport allows attackers to execute arbitrary SQL commands via the req parameter of the /module/…	CWE-89 SQL Injection	CVE-2020-15886	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

209384	5.4	MEDIUM Network	munkireport_project	comment	A Cross-Site Scripting (XSS) vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment.	CWE-79 Cross-site Scripting	CVE-2020-15885	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

209385	8.8	HIGH Network	munkireport_project	munkireport	A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data.	CWE-89 SQL Injection	CVE-2020-15884	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

209386	6.1	MEDIUM Network	managedinstalls_project	managedinstalls	A Cross-Site Scripting (XSS) vulnerability in the managedinstalls module before 2.6 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the last two URL parameters (thr…	CWE-79 Cross-site Scripting	CVE-2020-15883	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

209387	8.1	HIGH Network	munkireport_project	munkireport	A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database.	CWE-352 Origin Validation Error	CVE-2020-15882	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

209388	6.1	MEDIUM Network	munki_facts_project	munki_facts	A Cross-Site Scripting (XSS) vulnerability in the munki_facts (aka Munki Conditions) module before 1.5 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the key name.	CWE-79 Cross-site Scripting	CVE-2020-15881	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

209389	8.8	HIGH Network	embedthis	goahead	The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via c…	CWE-294 Authentication Bypass by Capture-replay	CVE-2020-15688	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm

209390	7.5	HIGH Network	cauldrondevelopment	c\!	tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive.	CWE-22 Path Traversal	CVE-2020-15908	2024-11-21 14:06	2020-07-23	Show	GitHub Exploit DB Packet Storm