Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230291 7.5 危険 scottmanktelow - Stride における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5430 2012-12-20 18:33 2007-10-12 Show GitHub Exploit DB Packet Storm
230292 4.3 警告 Umisoft - UMI CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5428 2012-12-20 18:33 2007-10-12 Show GitHub Exploit DB Packet Storm
230293 7.5 危険 Tiki Software Community Association - TikiWiki の tiki-graph_formula.php における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5423 2012-12-20 18:33 2007-10-12 Show GitHub Exploit DB Packet Storm
230294 6.8 警告 quoc-huy - Joomla! 用の Quoc-Huy mp3_allopass コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5412 2012-12-20 18:33 2007-10-12 Show GitHub Exploit DB Packet Storm
230295 6.8 警告 picoflat cms - PicoFlat CMS の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5390 2012-12-20 18:33 2007-10-12 Show GitHub Exploit DB Packet Storm
230296 6.8 警告 webdesktop - WebDesktop における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5388 2012-12-20 18:33 2007-10-12 Show GitHub Exploit DB Packet Storm
230297 6.8 警告 pindorama - Pindorama の active/components/xmlrpc/client.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5387 2012-12-20 18:33 2007-10-12 Show GitHub Exploit DB Packet Storm
230298 4.3 警告 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5386 2012-12-20 18:33 2007-10-12 Show GitHub Exploit DB Packet Storm
230299 2.6 注意 サン・マイクロシステムズ - Sun JVM におけるマルチピン DNS リバインド攻撃を実行される脆弱性 CWE-16
CWE-20
CVE-2007-5375 2012-12-20 18:33 2007-10-11 Show GitHub Exploit DB Packet Storm
230300 6.8 警告 verlihub-project - VHCP の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
CWE-94
CVE-2007-5321 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210111 8.8 HIGH
Network 		softwareupdate_project softwareupdate A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter o… CWE-89
SQL Injection 		CVE-2020-15887 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210112 8.8 HIGH
Network 		reportdata_project reportdata A SQL injection vulnerability in reportdata_controller.php in the reportdata module before 3.5 for MunkiReport allows attackers to execute arbitrary SQL commands via the req parameter of the /module/… CWE-89
SQL Injection 		CVE-2020-15886 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210113 5.4 MEDIUM
Network 		munkireport_project comment A Cross-Site Scripting (XSS) vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment. CWE-79
Cross-site Scripting 		CVE-2020-15885 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210114 8.8 HIGH
Network 		munkireport_project munkireport A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data. CWE-89
SQL Injection 		CVE-2020-15884 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210115 6.1 MEDIUM
Network 		managedinstalls_project managedinstalls A Cross-Site Scripting (XSS) vulnerability in the managedinstalls module before 2.6 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the last two URL parameters (thr… CWE-79
Cross-site Scripting 		CVE-2020-15883 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210116 8.1 HIGH
Network 		munkireport_project munkireport A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6.3 allows attackers to delete arbitrary machines from the MunkiReport database. CWE-352
 Origin Validation Error 		CVE-2020-15882 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210117 6.1 MEDIUM
Network 		munki_facts_project munki_facts A Cross-Site Scripting (XSS) vulnerability in the munki_facts (aka Munki Conditions) module before 1.5 for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the key name. CWE-79
Cross-site Scripting 		CVE-2020-15881 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210118 8.8 HIGH
Network 		embedthis goahead The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via c… CWE-294
Authentication Bypass by Capture-replay  		CVE-2020-15688 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210119 7.5 HIGH
Network 		cauldrondevelopment c\! tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive. CWE-22
Path Traversal 		CVE-2020-15908 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm
210120 7.8 HIGH
Local 		pypi bsdiff4 A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file. CWE-787
 Out-of-bounds Write 		CVE-2020-15904 2024-11-21 14:06 2020-07-23 Show GitHub Exploit DB Packet Storm