Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230281	4.3	警告	telephone	-	Telephone Directory 2008 の edit1.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2677	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230282	4.3	警告	softcomplex	-	PHP Image Gallery の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2675	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230283	7.5	危険	Powie	-	Powie pNews の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2673	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

230284	7.5	危険	y-blog	-	yBlog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2669	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

230285	4.3	警告	y-blog	-	yBlog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2668	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

230286	7.5	危険	smeweb	-	SMEWeb の catalog.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2652	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

230287	4.3	警告	smeweb	-	SMEWeb における任意の Web スクリプトまたは HTML を挿入される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2644	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

230288	7.5	危険	theflashblog	-	FlashBlog の php/leer_comentarios.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2572	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

230289	4.3	警告	samtodo	-	SamTodo の dsp_main.php などにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2563	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

230290	6.5	警告	powerphlogger	-	PowerPhlogger の edCss.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2562	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
224011	5.3	MEDIUM Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows a password reset to proceed while an e-mail address is being changed.	CWE-287 Improper Authentication	CVE-2019-20875	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224012	7.5	HIGH Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive information during a role change.	NVD-CWE-noinfo	CVE-2019-20874	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224013	6.5	MEDIUM Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive information during user activation/deactivation.	NVD-CWE-noinfo	CVE-2019-20873	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224014	5.5	MEDIUM Local	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-20872	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224015	7.5	HIGH Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking.	NVD-CWE-Other	CVE-2019-20871	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224016	4.3	MEDIUM Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.10.0. An attacker can bypass the intended appearance of the Edited flag after changing a post's file ID.	CWE-20 Improper Input Validation	CVE-2019-20870	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224017	5.3	MEDIUM Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.10.0, 5.9.1, 5.8.2, and 4.10.9. A non-member could change the Update/Patch Channel endpoint for a private channel.	NVD-CWE-noinfo	CVE-2019-20869	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224018	7.5	HIGH Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.11.0. Invite IDs were improperly generated.	CWE-20 Improper Input Validation	CVE-2019-20868	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224019	5.3	MEDIUM Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.11.0. An attacker can interfere with a channel's post loading via one crafted post.	NVD-CWE-noinfo	CVE-2019-20867	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm

224020	5.3	MEDIUM Network	mattermost	mattermost_server	An issue was discovered in Mattermost Server before 5.12.0. Use of a Proxy HTTP header, rather than the source address in an IP packet header, for obtaining IP address information was mishandled.	CWE-444 HTTP Request Smuggling	CVE-2019-20866	2024-11-21 13:39	2020-06-20	Show	GitHub Exploit DB Packet Storm