Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230401	6.8	警告	tumusika evolution	-	TuMusika Evolution の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2090	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

230402	7.5	危険	pl-php	-	pL-PHP の admin.php における認証を回避される脆弱性	-	CVE-2007-2007	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230403	7.5	危険	pl-php	-	pL-PHP の login.php における SQL インジェクションの脆弱性	-	CVE-2007-2006	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230404	7.5	危険	raphael limbach	-	Crea-Book の admin/admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-2000	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230405	4.3	警告	Youngzsoft	-	CmailServer WebMail の mail/signup.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1991	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230406	7.5	危険	sam crew	-	Sam Crew MyBlog の games.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1990	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

230407	4.3	警告	phpecho cms	-	PHPEcho CMS の kernel/filters.inc.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1988	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

230408	7.5	危険	phpexplorator	-	phpexplorator の phpexplorator.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1985	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

230409	7.5	危険	really simple php and ajax	-	RSPA における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1982	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

230410	7.5	危険	有限会社ブルームーン	-	XOOPS 用の PopnupBlog モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-1979	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210491	4.7	MEDIUM Network	traefik	traefik	In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the "X-Forwarded-Prefix" header. The Traefik API dashboard compo…	CWE-601 Open Redirect	CVE-2020-15129	2024-11-21 14:04	2020-07-31	Show	GitHub Exploit DB Packet Storm

210492	7.7	HIGH Network	auth0	auth0.js	In auth0 (npm package) versions before 2.27.1, a DenyList of specific keys that should be sanitized from the request object contained in the error object is used. The key for Authorization header is …	CWE-209 Information Exposure Through an Error Message	CVE-2020-15125	2024-11-21 14:04	2020-07-30	Show	GitHub Exploit DB Packet Storm

210493	8.1	HIGH Network	typo3	typo3	In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic messa…	CWE-20 Improper Input Validation	CVE-2020-15099	2024-11-21 14:04	2020-07-30	Show	GitHub Exploit DB Packet Storm

210494	8.8	HIGH Network	typo3	typo3	In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, it has been discovered that an internal verification mechanism can be used …	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-15098	2024-11-21 14:04	2020-07-30	Show	GitHub Exploit DB Packet Storm

210495	9.8	CRITICAL Network	typo3	mediace	In TYPO3 installations with the "mediace" extension from version 7.6.2 and before version 7.6.5, it has been discovered that an internal verification mechanism can be used to generate arbitrary check…	NVD-CWE-Other	CVE-2020-15086	2024-11-21 14:04	2020-07-30	Show	GitHub Exploit DB Packet Storm

210496	4.9	MEDIUM Network	ihatemoney	i_hate_money	In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be fu…	CWE-863 Incorrect Authorization	CVE-2020-15120	2024-11-21 14:04	2020-07-28	Show	GitHub Exploit DB Packet Storm

210497	3.5	LOW Network	freerdp fedoraproject opensuse canonical debian	freerdp fedora leap ubuntu_linux debian_linux	In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not c…	-	CVE-2020-15103	2024-11-21 14:04	2020-07-28	Show	GitHub Exploit DB Packet Storm

210498	6.5	MEDIUM Network	parseplatform	parse_server	In parser-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can by pass all read security on his User object and can also by pass all objects linked via…	CWE-863 Incorrect Authorization	CVE-2020-15126	2024-11-21 14:04	2020-07-23	Show	GitHub Exploit DB Packet Storm

210499	6.5	MEDIUM Network	intranda	goobi_viewer_core	In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the app…	CWE-22 Path Traversal	CVE-2020-15124	2024-11-21 14:04	2020-07-23	Show	GitHub Exploit DB Packet Storm

210500	6.5	MEDIUM Network	prestashop	dashboard_products	In PrestaShop Dashboard Productions before version 2.1.0, there is improper authorization which enables an attacker to change the configuration. The problem is fixed in 2.1.0.	CWE-862 Missing Authorization	CVE-2020-15102	2024-11-21 14:04	2020-07-22	Show	GitHub Exploit DB Packet Storm