Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230451 4.3 警告 toenda software development - toendaCMS におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1872 2012-12-20 18:19 2007-04-13 Show GitHub Exploit DB Packet Storm
230452 7.5 危険 webasyst llc - Shop-Script FREE の smarty/smarty_class.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1855 2012-12-20 18:19 2007-04-3 Show GitHub Exploit DB Packet Storm
230453 7.5 危険 really simple php and ajax - RSPA におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1851 2012-12-20 18:19 2007-04-3 Show GitHub Exploit DB Packet Storm
230454 7.5 危険 XOOPS - XOOPS 用の Repository モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-1847 2012-12-20 18:19 2007-04-3 Show GitHub Exploit DB Packet Storm
230455 7.5 危険 XOOPS - Xoops 用の MyAds モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-1846 2012-12-20 18:19 2007-04-3 Show GitHub Exploit DB Packet Storm
230456 7.5 危険 XOOPS - Xoops 用の Friendfinder モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-1838 2012-12-20 18:19 2007-04-2 Show GitHub Exploit DB Packet Storm
230457 5 警告 web-app.org - web-app.org WebAPP における特定のファイルをアップロードされる脆弱性 - CVE-2007-1832 2012-12-20 18:19 2007-04-2 Show GitHub Exploit DB Packet Storm
230458 6 警告 web-app.org - web-app.org WebAPP におけるファイルを開かれる脆弱性 - CVE-2007-1831 2012-12-20 18:19 2007-04-2 Show GitHub Exploit DB Packet Storm
230459 4.3 警告 web-app.org - web-app.org WebAPP 用の Username Hijacking Patch における管理アクセス権限を取得される脆弱性 - CVE-2007-1830 2012-12-20 18:19 2007-04-2 Show GitHub Exploit DB Packet Storm
230460 7.5 危険 web-app.net - web-app.net WebAPP における脆弱性 - CVE-2007-1829 2012-12-20 18:19 2007-03-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199901 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop between versions 1.5.4.0 and 1.7.6.5, there is a reflected XSS on Exception page The problem is fixed in 1.7.6.5 CWE-79
Cross-site Scripting 		CVE-2020-5278 2024-11-21 14:33 2020-04-21 Show GitHub Exploit DB Packet Storm
199902 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop between versions 1.7.1.0 and 1.7.6.5, there is a reflected XSS on AdminCarts page with `cartBox` parameter The problem is fixed in 1.7.6.5 CWE-79
Cross-site Scripting 		CVE-2020-5276 2024-11-21 14:33 2020-04-21 Show GitHub Exploit DB Packet Storm
199903 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is a reflected XSS on Search page with `alias` and `search` parameters. The problem is patched in 1.7.6.5 CWE-79
Cross-site Scripting 		CVE-2020-5272 2024-11-21 14:33 2020-04-21 Show GitHub Exploit DB Packet Storm
199904 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop between versions 1.6.0.0 and 1.7.6.5, there is a reflected XSS with `date_from` and `date_to` parameters in the dashboard page This problem is fixed in 1.7.6.5 CWE-79
Cross-site Scripting 		CVE-2020-5271 2024-11-21 14:33 2020-04-21 Show GitHub Exploit DB Packet Storm
199905 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is an open redirection when using back parameter. The impacts can be many, and vary from the theft of information and credentials to the redi… CWE-601
Open Redirect 		CVE-2020-5270 2024-11-21 14:33 2020-04-21 Show GitHub Exploit DB Packet Storm
199906 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflected XSS on AdminFeatures page by using the `id_feature` parameter. The problem is fixed in 1.7.6.5 CWE-79
Cross-site Scripting 		CVE-2020-5269 2024-11-21 14:33 2020-04-21 Show GitHub Exploit DB Packet Storm
199907 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflected XSS on AdminAttributesGroups page. The problem is patched in 1.7.6.5. CWE-79
Cross-site Scripting 		CVE-2020-5265 2024-11-21 14:33 2020-04-21 Show GitHub Exploit DB Packet Storm
199908 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop before version 1.7.6.5, there is a reflected XSS while running the security compromised page. It allows anyone to execute arbitrary action. The problem is patched in the 1.7.6.5. CWE-79
Cross-site Scripting 		CVE-2020-5264 2024-11-21 14:33 2020-04-21 Show GitHub Exploit DB Packet Storm
199909 5.4 MEDIUM
Network 		prestashop prestashop_socialfollow PrestaShop module ps_facetedsearch versions before 2.1.0 has a reflected XSS with social networks fields The problem is fixed in 2.1.0 CWE-79
Cross-site Scripting 		CVE-2020-5294 2024-11-21 14:33 2020-04-17 Show GitHub Exploit DB Packet Storm
199910 5.4 MEDIUM
Network 		prestashop prestashop_linklist In PrestaShop module ps_linklist versions before 3.1.0, there is a stored XSS when using custom URLs. The problem is fixed in version 3.1.0 CWE-79
Cross-site Scripting 		CVE-2020-5273 2024-11-21 14:33 2020-04-17 Show GitHub Exploit DB Packet Storm