Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231141	7.5	危険	submitterscript	-	Submitter Script の admin/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1813	2012-12-20 19:10	2009-05-29	Show	GitHub Exploit DB Packet Storm

231142	7.5	危険	videoscript	-	VideoScript.us YouTube Video Script の admin/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1804	2012-12-20 19:10	2009-05-28	Show	GitHub Exploit DB Packet Storm

231143	6.8	警告	sebastian-thiele	-	ST-Gallery の st_admin/gallery_output.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1799	2012-12-20 19:10	2009-05-28	Show	GitHub Exploit DB Packet Storm

231144	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Portal Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1796	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

231145	9.3	危険	stonetrip	-	StoneTrip Ston3D StandalonePlayer および WebPlayer の system.openURL 関数における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2009-1792	2012-12-20 19:10	2009-05-29	Show	GitHub Exploit DB Packet Storm

231146	7.5	危険	phpdirsubmit	-	PHP Dir Submit における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1787	2012-12-20 19:10	2009-05-26	Show	GitHub Exploit DB Packet Storm

231147	4.3	警告	ulteo	-	Ulteo Open Virtual Desktop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1785	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

231148	6.8	警告	roboform	-	Frax.dk Php Recommend の admin.php における phpre_config.php へ任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2009-1781	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

231149	7.5	危険	roboform	-	Frax.dk Php Recommend の admin.php における管理者権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-1780	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

231150	6.8	警告	roboform	-	Frax.dk Php Recommend の admin.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-1779	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200721	4.3	MEDIUM Network	cybozu	garoon	Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege.	CWE-20 Improper Input Validation	CVE-2021-20775	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200722	5.4	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2021-20774	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200723	4.3	MEDIUM Network	cybozu	garoon	There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information Workflow without the appropriate privilege.	NVD-CWE-noinfo	CVE-2021-20773	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200724	4.3	MEDIUM Network	cybozu	garoon	Information disclosure vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the title of Bulletin without the viewing privilege.	NVD-CWE-Other	CVE-2021-20772	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200725	6.1	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2021-20771	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200726	5.4	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in Message of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2021-20770	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200727	5.4	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2021-20769	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200728	4.3	MEDIUM Network	cybozu	garoon	Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport witho…	NVD-CWE-Other	CVE-2021-20768	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200729	5.4	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in Full Text Search of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2021-20767	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm

200730	6.1	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2021-20766	2024-11-21 14:47	2021-08-18	Show	GitHub Exploit DB Packet Storm