Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229641 4.3 警告 radical technologies - Portal Search の buscador/buscador.htm におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0922 2012-12-20 18:19 2007-02-14 Show GitHub Exploit DB Packet Storm
229642 9.4 危険 radical technologies - Portal Search における任意の Web サイトへの URL をリダイレクトされる脆弱性 - CVE-2007-0921 2012-12-20 18:19 2007-02-14 Show GitHub Exploit DB Packet Storm
229643 10 危険 ProcessOne - ejabberd の mod_roster_odbc モジュールにおける脆弱性 - CVE-2007-0903 2012-12-20 18:19 2007-02-2 Show GitHub Exploit DB Packet Storm
229644 7.5 危険 tagit - TagIt! Tagboard における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0900 2012-12-20 18:19 2007-02-13 Show GitHub Exploit DB Packet Storm
229645 2.6 注意 サン・マイクロシステムズ - Solaris の rm の -r および -R オプションを伴うディレクトリの再帰的削除における rm を稼働しているユーザとしてファイルなどを削除される脆弱性 - CVE-2007-0895 2012-12-20 18:19 2007-02-8 Show GitHub Exploit DB Packet Storm
229646 6.8 警告 rainbow portal - sRainbow の jira/secure/BrowseProject.jspa におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0885 2012-12-20 18:19 2007-02-12 Show GitHub Exploit DB Packet Storm
229647 7.5 危険 Roaring Penguin Software Inc. - Roaring Penguin MIMEDefang におけるバッファオーバーフローの脆弱性 - CVE-2007-0884 2012-12-20 18:19 2007-02-12 Show GitHub Exploit DB Packet Storm
229648 5 警告 second rule llc - IP3 NetAccess の portalgroups/portalgroups/getfile.cgi におけるディレクトリトラバーサルの脆弱性 - CVE-2007-0883 2012-12-20 18:19 2007-02-12 Show GitHub Exploit DB Packet Storm
229649 9.3 危険 smidgeonsoft - SmidgeonSoft PEBrowse Professional におけるバッファオーバーフローの脆弱性 - CVE-2007-0879 2012-12-20 18:19 2007-02-12 Show GitHub Exploit DB Packet Storm
229650 4.3 警告 qdig - Qdig におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0876 2012-12-20 18:19 2007-02-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200011 9.1 CRITICAL
Network 		student_result_management_system_project student_result_management_system Student Result Management System In PHP With Source Code is affected by SQL injection. An attacker can able to access of Admin Panel and manage every account of Result. CWE-89
SQL Injection 		CVE-2020-35270 2024-11-21 14:27 2021-01-27 Show GitHub Exploit DB Packet Storm
200012 9.8 CRITICAL
Network 		egavilanmedia user_registration_and_login_system_with_admin_panel EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin panel, which may allow arbitrary code execution. CWE-89
SQL Injection 		CVE-2020-35263 2024-11-21 14:27 2021-01-27 Show GitHub Exploit DB Packet Storm
200013 8.8 HIGH
Network 		cakefoundation cakephp A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtectionMiddleware component allows method override parameters to bypass CSRF checks by changing the HTTP request method to a… CWE-352
 Origin Validation Error 		CVE-2020-35239 2024-11-21 14:27 2021-01-27 Show GitHub Exploit DB Packet Storm
200014 4.8 MEDIUM
Network 		employee_performance_evaluation_system_project employee_performance_evaluation_system Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Admin Portal in the Task and Description fields. CWE-79
Cross-site Scripting 		CVE-2020-35272 2024-11-21 14:27 2021-01-21 Show GitHub Exploit DB Packet Storm
200015 4.8 MEDIUM
Network 		employee_performance_evaluation_system_project employee_performance_evaluation_system Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Employees, First Name and Last Name fields. CWE-79
Cross-site Scripting 		CVE-2020-35271 2024-11-21 14:27 2021-01-21 Show GitHub Exploit DB Packet Storm
200016 7.5 HIGH
Network 		erlang
fedoraproject 		erlang\/otp
fedora 		An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority. CWE-295
Improper Certificate Validation  		CVE-2020-35733 2024-11-21 14:27 2021-01-15 Show GitHub Exploit DB Packet Storm
200017 5.4 MEDIUM
Network 		enviragallery envira_gallery A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/post.php request with the post_ti… CWE-79
Cross-site Scripting 		CVE-2020-35582 2024-11-21 14:27 2021-01-15 Show GitHub Exploit DB Packet Storm
200018 5.4 MEDIUM
Network 		enviragallery envira_gallery A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the m… CWE-79
Cross-site Scripting 		CVE-2020-35581 2024-11-21 14:27 2021-01-15 Show GitHub Exploit DB Packet Storm
200019 8.8 HIGH
Network 		eclipse vert.x-web Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token … CWE-352
 Origin Validation Error 		CVE-2020-35217 2024-11-21 14:27 2021-01-20 Show GitHub Exploit DB Packet Storm
200020 7.2 HIGH
Network 		nagios nagios_xi An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can e… CWE-78
OS Command  		CVE-2020-35578 2024-11-21 14:27 2021-01-14 Show GitHub Exploit DB Packet Storm