Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231101	9.3	危険	rkd software	-	RKD Software の BarCodeAx.dll におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-3435	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231102	7.5	危険	PluXml	-	Pluxml の admin/images.php における任意のコードをアップロードおよび実行される脆弱性	-	CVE-2007-3432	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231103	6.8	警告	valerio capello	-	Valerio Capello Dagger - The Cutting Edge r23jan2007 の cal.func.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3431	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231104	7.5	危険	Simple Invoices	-	Simple Invoices 2007 の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3430	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231105	7.5	危険	ZoneO-soft	-	phpTrafficA における脆弱性	-	CVE-2007-3428	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231106	7.5	危険	ZoneO-soft	-	phpTrafficA の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3427	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231107	4.3	警告	ZoneO-soft	-	phpTrafficA の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3426	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231108	5	警告	ZoneO-soft	-	phpTrafficA の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-3425	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231109	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/instantmessage.pl における脆弱性	-	CVE-2007-3424	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

231110	7.5	危険	web-app.org	-	web-app.org WebAPP の cgi-bin/cgi-lib/instantmessage.pl における脆弱性	-	CVE-2007-3423	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197871	6.5	MEDIUM Network	soplanning	soplanning	SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajax_server.php.	CWE-352 Origin Validation Error	CVE-2020-9267	2024-11-21 14:40	2020-02-19	Show	GitHub Exploit DB Packet Storm

197872	6.5	MEDIUM Network	soplanning	soplanning	SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajax_server.php.	CWE-352 Origin Validation Error	CVE-2020-9266	2024-11-21 14:40	2020-02-19	Show	GitHub Exploit DB Packet Storm

197873	8.2	HIGH Network	ciprianmp	phpmychat-plus	phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username.	CWE-89 SQL Injection	CVE-2020-9265	2024-11-21 14:40	2020-02-19	Show	GitHub Exploit DB Packet Storm

197874	5.5	MEDIUM Local	eset	nod32_antivirus internet_security smart_security mobile_security smart_tv_security cyber_security	ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Intern…	CWE-436 Interpretation Conflict	CVE-2020-9264	2024-11-21 14:40	2020-02-19	Show	GitHub Exploit DB Packet Storm

197875	4.3	MEDIUM Network	google	site_kit	The Site Kit by Google plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 1.8.0 This is due to the lack of capability checks on the admin_enqueue…	CWE-252 Unchecked Return Value	CVE-2020-8934	2024-11-21 14:39	2023-07-7	Show	GitHub Exploit DB Packet Storm

197876	3.7	LOW Network	shipstation	shipstation	The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database (via action=shipnotify) because access to this endpoint is completely …	CWE-862 Missing Authorization	CVE-2020-9009	2024-11-21 14:39	2023-04-12	Show	GitHub Exploit DB Packet Storm

197877	7.5	HIGH Network	shipstation	shipstation	The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information (via action=export) because a typo results in a successful comparison of a blank password and NULL.	NVD-CWE-noinfo	CVE-2020-8889	2024-11-21 14:39	2023-03-29	Show	GitHub Exploit DB Packet Storm

197878	8.8	HIGH Network	zigor	zgr_tps200_ng_firmware	The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happe…	CWE-352 Origin Validation Error	CVE-2020-8976	2024-11-21 14:39	2022-10-18	Show	GitHub Exploit DB Packet Storm

197879	7.5	HIGH Network	zigor	zgr_tps200_ng_firmware	ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes (URIs) used by the application, to access…	CWE-200 Information Exposure	CVE-2020-8975	2024-11-21 14:39	2022-10-18	Show	GitHub Exploit DB Packet Storm

197880	9.1	CRITICAL Network	zigor	zgr_tps200_ng_firmware	In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web w…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-8974	2024-11-21 14:39	2022-10-18	Show	GitHub Exploit DB Packet Storm