Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230951	5	警告	scriptsez.net	-	Scriptsez.net E-Dating System の cindex.php におけるフルパスを取得される脆弱性	-	CVE-2006-7060	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230952	4.3	警告	scriptsez.net	-	Scriptsez.net E-Dating System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-7059	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230953	4.3	警告	Ando Saabas	-	Sphider におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7058	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230954	7.5	危険	Ando Saabas	-	Sphider の search.php における SQL インジェクションの脆弱性	-	CVE-2006-7057	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230955	6.8	警告	sweetphp	-	TotalCalendar の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7055	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230956	6.8	警告	Wikka Development Team	-	WikkaWiki におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7050	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230957	7.5	危険	Wikka Development Team	-	WikkaWiki の Method メソッドにおけるアクセス制限を回避される脆弱性	-	CVE-2006-7049	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230958	5	警告	shoutpro	-	Shoutpro の include.php における禁止 IP 制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2006-7047	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230959	7.8	危険	super link exchange script	-	Super Link Exchange Script の make_thumbnail.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-7035	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

230960	7.5	危険	super link exchange script	-	Super Link Exchange Script の directory.php における SQL インジェクションの脆弱性	-	CVE-2006-7034	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211181	5.4	MEDIUM Network	shopware	shopware	In Shopware before 6.2.3, authenticated users are allowed to use the Mediabrowser fileupload feature to upload SVG images containing JavaScript. This leads to Persistent XSS. An uploaded image can be…	CWE-79 Cross-site Scripting	CVE-2020-13971	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211182	8.8	HIGH Network	shopware	shopware	Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery (SSRF) in its "Mediabrowser upload by URL" feature. This allows an authenticated user to send HTTP, HTTPS, FTP, and SFTP requests …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-13970	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211183	9.8	CRITICAL Network	ruckuswireless	unleashed_firmware	emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R31…	CWE-77 Command Injection	CVE-2020-13919	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211184	7.5	HIGH Network	ruckuswireless	unleashed_firmware	Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated cra…	NVD-CWE-noinfo	CVE-2020-13918	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211185	9.8	CRITICAL Network	ruckuswireless	unleashed_firmware	rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M51…	CWE-77 Command Injection	CVE-2020-13917	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211186	9.8	CRITICAL Network	ruckuswireless	unleashed_firmware	A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H32…	CWE-787 Out-of-bounds Write	CVE-2020-13916	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211187	7.5	HIGH Network	ruckuswireless	unleashed_firmware	Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affec…	CWE-522 CWE-732 Insufficiently Protected Credentials Incorrect Permission Assignment for Critical Resource	CVE-2020-13915	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211188	7.5	HIGH Network	ruckuswireless	unleashed_firmware	webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This…	NVD-CWE-noinfo	CVE-2020-13914	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211189	6.1	MEDIUM Network	ruckuswireless	unleashed_firmware	An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H32…	CWE-79 Cross-site Scripting	CVE-2020-13913	2024-11-21 14:02	2020-07-29	Show	GitHub Exploit DB Packet Storm

211190	6.5	MEDIUM Network	redhat	jboss_fuse single_sign-on openshift_application_runtimes jboss_enterprise_application_platform_continuous_delivery amq	A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a …	-	CVE-2020-14307	2024-11-21 14:02	2020-07-25	Show	GitHub Exploit DB Packet Storm