Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230831 7.5 危険 revou - ReVou Micro Blogging 用の TClone プラグインにおける管理者のパスワードを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6752 2012-12-20 19:10 2009-04-24 Show GitHub Exploit DB Packet Storm
230832 6.8 警告 revou - ReVou Micro Blogging 用の TClone プラグインにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6751 2012-12-20 19:10 2009-04-24 Show GitHub Exploit DB Packet Storm
230833 7.5 危険 shock-therapy - RSMScript における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-6743 2012-12-20 19:10 2009-04-22 Show GitHub Exploit DB Packet Storm
230834 7.5 危険 Simple Machines - SMF の Load.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6741 2012-12-20 19:10 2009-04-21 Show GitHub Exploit DB Packet Storm
230835 7.5 危険 toddwoolums - Todd Woolums ASP Download 管理スクリプトにおける管理者権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-6739 2012-12-20 19:10 2009-04-21 Show GitHub Exploit DB Packet Storm
230836 5.8 警告 thaiquickcart - ThaiQuickCart の qc/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6735 2012-12-20 19:10 2009-04-21 Show GitHub Exploit DB Packet Storm
230837 6.8 警告 phpmotion - PHPmotion の password.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6729 2012-12-20 19:10 2009-04-20 Show GitHub Exploit DB Packet Storm
230838 7.5 危険 PHPNUKE - PHP-Nuke の Sections モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6728 2012-12-20 19:10 2009-04-20 Show GitHub Exploit DB Packet Storm
230839 7.5 危険 turnkeyforms - TurnkeyForms Entertainment Portal における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-6723 2012-12-20 19:10 2009-04-14 Show GitHub Exploit DB Packet Storm
230840 7.5 危険 uochm - U&M Software Event Lister における脆弱性 CWE-287
不適切な認証 		CVE-2008-6719 2012-12-20 19:10 2009-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196311 4.6 MEDIUM
Physics 		teradici pcoip_connection_manager_and_security_gateway Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2021-25692 2024-11-21 14:55 2021-04-7 Show GitHub Exploit DB Packet Storm
196312 6.1 MEDIUM
Network 		magnolia-cms magnolia_cms Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the /magnoliaPublic/travel/members/login.html mgnlUserId parameter. CWE-79
Cross-site Scripting 		CVE-2021-25894 2024-11-21 14:55 2021-04-2 Show GitHub Exploit DB Packet Storm
196313 5.4 MEDIUM
Network 		magnolia-cms magnolia_cms Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the setText parameter of /magnoliaAuthor/.magnolia/. CWE-79
Cross-site Scripting 		CVE-2021-25893 2024-11-21 14:55 2021-04-2 Show GitHub Exploit DB Packet Storm
196314 4.3 MEDIUM
Network 		atlassian confluence_server
confluence_data_center 		The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Sid… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-26072 2024-11-21 14:55 2021-04-2 Show GitHub Exploit DB Packet Storm
196315 8.8 HIGH
Network 		thoughtworks gocd In GoCD, versions 19.6.0 to 21.1.0 are vulnerable to Cross-Site Request Forgery due to missing CSRF protection at the `/go/api/config/backup` endpoint. An attacker can trick a victim to click on a ma… CWE-352
 Origin Validation Error 		CVE-2021-25924 2024-11-21 14:55 2021-04-2 Show GitHub Exploit DB Packet Storm
196316 3.5 LOW
Network 		atlassian data_center
jira
jira_server
jira_data_center 		The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymo… CWE-352
 Origin Validation Error 		CVE-2021-26071 2024-11-21 14:55 2021-04-1 Show GitHub Exploit DB Packet Storm
196317 6.1 MEDIUM
Network 		open-emr openemr In OpenEMR, versions 4.2.0 to 6.0.0 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly. An attacker could trick a user to click on a malicious url a… CWE-79
Cross-site Scripting 		CVE-2021-25922 2024-11-21 14:55 2021-03-23 Show GitHub Exploit DB Packet Storm
196318 5.4 MEDIUM
Network 		open-emr openemr In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly in the `Allergies` section. An attacker could lure an admin … CWE-79
Cross-site Scripting 		CVE-2021-25921 2024-11-21 14:55 2021-03-23 Show GitHub Exploit DB Packet Storm
196319 6.5 MEDIUM
Network 		open-emr openemr In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the … CWE-178
 Improper Handling of Case Sensitivity 		CVE-2021-25920 2024-11-21 14:55 2021-03-23 Show GitHub Exploit DB Packet Storm
196320 4.8 MEDIUM
Network 		open-emr openemr In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly. A highly privileged attacker could inject arbitrary code into i… CWE-79
Cross-site Scripting 		CVE-2021-25919 2024-11-21 14:55 2021-03-23 Show GitHub Exploit DB Packet Storm