Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230091	4.3	警告	siteatschool	-	S@S の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3276	2012-12-20 18:19	2007-06-19	Show	GitHub Exploit DB Packet Storm

230092	7.5	危険	yourfreescreamer	-	YourFreeScreamer の templates/2blue/bodyTemplate.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3271	2012-12-20 18:19	2007-06-19	Show	GitHub Exploit DB Packet Storm

230093	4.3	警告	sporum forum	-	Sporum Forum の comments.cgi におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3213	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

230094	10	危険	yabb	-	YaBB における CRLF インジェクションの脆弱性	-	CVE-2007-3208	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

230095	7.5	危険	software602	-	602Pro LAN SUITE 2003 の SMTP サービスにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-3203	2012-12-20 18:19	2007-06-12	Show	GitHub Exploit DB Packet Storm

230096	7.1	危険	winpt	-	WinPT における間違ったユーザ ID 鍵をインストールされる脆弱性	-	CVE-2007-3201	2012-12-20 18:19	2007-06-12	Show	GitHub Exploit DB Packet Storm

230097	10	危険	phpmyinventory	-	phpMyInventory の Includes/global.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3270	2012-12-20 18:19	2007-06-19	Show	GitHub Exploit DB Packet Storm

230098	5	警告	vincent hor	-	Calendarix における重要な情報を取得される脆弱性	-	CVE-2007-3259	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

230099	5	警告	vincent hor	-	Calendarix の calendar.php における重要な情報を取得される脆弱性	-	CVE-2007-3258	2012-12-20 18:19	2007-06-27	Show	GitHub Exploit DB Packet Storm

230100	4	警告	xythos	-	XEDM などにおけるマルウェアを配布するドキュメントと任意の Content-Type HTTP ヘッダを関連づけられる脆弱性	-	CVE-2007-3256	2012-12-20 18:19	2007-06-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213881	8.8	HIGH Network	rconfig	rconfig	lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter.	CWE-78 OS Command	CVE-2020-10221	2024-11-21 13:54	2020-03-9	Show	GitHub Exploit DB Packet Storm

213882	9.8	CRITICAL Network	rconfig	rconfig	An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.	CWE-89 SQL Injection	CVE-2020-10220	2024-11-21 13:54	2020-03-8	Show	GitHub Exploit DB Packet Storm

213883	8.8	HIGH Network	dlink trendnet	dir-825_firmware tew-632brp_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1…	CWE-78 OS Command	CVE-2020-10216	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

213884	8.8	HIGH Network	dlink trendnet	dir-825_firmware tew-632brp_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-…	CWE-78 OS Command	CVE-2020-10215	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

213885	8.8	HIGH Network	dlink	dir-825_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_s…	CWE-787 Out-of-bounds Write	CVE-2020-10214	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

213886	8.8	HIGH Network	dlink trendnet	dir-825_firmware tew-632brp_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST reque…	CWE-78 OS Command	CVE-2020-10213	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

213887	9.8	CRITICAL Network	tecrail	responsive_filemanager	upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an i…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-10212	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

213888	5.4	MEDIUM Network	citrix	gateway_firmware	Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Cit…	CWE-444 HTTP Request Smuggling	CVE-2020-10112	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

213889	7.5	HIGH Network	citrix	gateway_firmware	Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic f…	CWE-444 HTTP Request Smuggling	CVE-2020-10111	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

213890	5.3	MEDIUM Network	citrix	gateway_firmware	Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. NOTE: Citrix disputes this as not a vulnerability. There is no sensitive information disclosure through the cache head…	NVD-CWE-noinfo	CVE-2020-10110	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm