Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229981	7.5	危険	gerrit van aaken	-	Gerrit van Aaken Loudblog の index.php における SQL インジェクションの脆弱性	-	CVE-2006-3832	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229982	5	警告	kailash nadh	-	Kailash Nadh boastMachine の Backup セレクションにおける重要な情報を取得される脆弱性	-	CVE-2006-3831	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229983	4	警告	kailash nadh	-	Kailash Nadh boastMachine におけるファイルをアップロードされる脆弱性	-	CVE-2006-3830	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229984	5	警告	kailash nadh	-	Kailash Nadh boastMachine の bmc/admin.php におけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2006-3829	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229985	6.5	警告	kailash nadh	-	Kailash Nadh boastMachine における SQL インジェクション保護メカニズムを回避される脆弱性	-	CVE-2006-3828	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229986	6.5	警告	kailash nadh	-	Kailash Nadh boastMachine の bmc/Inc/core/admin/search.inc における SQL インジェクションの脆弱性	-	CVE-2006-3827	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229987	4.3	警告	kailash nadh	-	Kailash Nadh boastMachine におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3826	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229988	5.1	警告	Geodesic Solutions	-	GeodesicSolutions の index.php における SQL インジェクションの脆弱性	-	CVE-2006-3823	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229989	5.1	警告	Geodesic Solutions	-	GeodesicSolutions GeoAuctions Enterprise の index.php における SQL インジェクションの脆弱性	-	CVE-2006-3822	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

229990	4.3	警告	ATRC	-	ATutor におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3821	2012-12-20 18:02	2006-07-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199311	6.5	MEDIUM Network	endalia	selection_portal	In Endalia Selection Portal before 4.205.0, an Insecure Direct Object Reference (IDOR) allows any authenticated user to download every file uploaded to the platform by changing the value of the file …	NVD-CWE-Other	CVE-2020-35577	2024-11-21 14:27	2021-02-18	Show	GitHub Exploit DB Packet Storm

199312	9.8	CRITICAL Network	74cms	74cms	In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server…	CWE-94 Code Injection	CVE-2020-35339	2024-11-21 14:27	2021-02-18	Show	GitHub Exploit DB Packet Storm

199313	5.3	MEDIUM Network	mbconnectline helmholz	mbconnect24 mymbconnect24 myrex24.virtual myrex24	An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. An unauthenticated attacker is able to access files (that should have be…	CWE-425 Direct Request ('Forced Browsing')	CVE-2020-35570	2024-11-21 14:27	2021-02-17	Show	GitHub Exploit DB Packet Storm

199314	6.1	MEDIUM Network	mbconnectline	mbconnect24 mymbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is a self XSS issue with a crafted cookie in the login page.	CWE-79 Cross-site Scripting	CVE-2020-35569	2024-11-21 14:27	2021-02-17	Show	GitHub Exploit DB Packet Storm

199315	4.3	MEDIUM Network	mbconnectline helmholz	mbconnect24 mymbconnect24 myrex24.virtual myrex24	An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An incomplete filter applied to a database response all…	CWE-200 Information Exposure	CVE-2020-35568	2024-11-21 14:27	2021-02-17	Show	GitHub Exploit DB Packet Storm

199316	7.8	HIGH Local	mbconnectline	mbconnect24 mymbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for database access, but this password is shared across instances.	CWE-798 Use of Hard-coded Credentials	CVE-2020-35567	2024-11-21 14:27	2021-02-17	Show	GitHub Exploit DB Packet Storm

199317	5.3	MEDIUM Network	mbconnectline helmholz	mbconnect24 mymbconnect24 myrex24.virtual myrex24	An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An attacker can read arbitrary JSON files via Local Fil…	CWE-706 Use of Incorrectly-Resolved Name or Reference	CVE-2020-35566	2024-11-21 14:27	2021-02-17	Show	GitHub Exploit DB Packet Storm

199318	9.8	CRITICAL Network	mbconnectline	mbconnect24 mymbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by default.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2020-35565	2024-11-21 14:27	2021-02-17	Show	GitHub Exploit DB Packet Storm

199319	7.5	HIGH Network	mbconnectline	mbconnect24 mymbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code.	CWE-74 Injection	CVE-2020-35564	2024-11-21 14:27	2021-02-17	Show	GitHub Exploit DB Packet Storm

199320	5.4	MEDIUM Network	mbconnectline	mbconnect24 mymbconnect24	An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an incomplete XSS filter allowing an attacker to inject crafted malicious code into the page.	CWE-79 Cross-site Scripting	CVE-2020-35563	2024-11-21 14:27	2021-02-17	Show	GitHub Exploit DB Packet Storm