Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231271	7.5	危険	simpcms	-	SimpCMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4953	2012-12-20 18:33	2007-09-18	Show	GitHub Exploit DB Packet Storm

231272	5.1	警告	webmedia explorer	-	webmex における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4948	2012-12-20 18:33	2007-09-18	Show	GitHub Exploit DB Packet Storm

231273	6.8	警告	phpffl	-	phpFFL における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4935	2012-12-20 18:33	2007-09-18	Show	GitHub Exploit DB Packet Storm

231274	4.6	警告	phpffl	-	phpFFL における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4934	2012-12-20 18:33	2007-09-18	Show	GitHub Exploit DB Packet Storm

231275	7.5	危険	shop-script	-	Shop-Script の includes/admin/sub/conf_appearence.php における任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2007-4933	2012-12-20 18:33	2007-09-18	Show	GitHub Exploit DB Packet Storm

231276	7.5	危険	shop-script	-	Shop-Script の admin.php における admin パネルへアクセスされる脆弱性	CWE-20 不適切な入力確認	CVE-2007-4932	2012-12-20 18:33	2007-09-18	Show	GitHub Exploit DB Packet Storm

231277	4.3	警告	php-stats	-	PHP-Stats の tracking.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4917	2012-12-20 18:33	2007-09-17	Show	GitHub Exploit DB Packet Storm

231278	9.3	危険	WinSCP	-	WinSCP におけるリモートサーバで任意のファイル転送を実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-4909	2012-12-20 18:33	2007-09-17	Show	GitHub Exploit DB Packet Storm

231279	7.5	危険	Qualiteam Software Limited	-	X-Cart における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4907	2012-12-20 18:33	2007-09-17	Show	GitHub Exploit DB Packet Storm

231280	4.3	警告	リアルネットワークス	-	RealNetworks RealPlayer および Helix Player におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2007-4904	2012-12-20 18:33	2007-09-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210261	6.5	MEDIUM Network	ec_cloud_e-commerce_system_project	ec_cloud_e-commerce_system	EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add admin accounts via /admin.html?do=user&act=add.	CWE-352 Origin Validation Error	CVE-2020-21139	2024-11-21 14:12	2021-11-5	Show	GitHub Exploit DB Packet Storm

210262	9.6	CRITICAL Network	wdja	wdja_cms	Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.	CWE-79 Cross-site Scripting	CVE-2020-20982	2024-11-21 14:12	2021-11-4	Show	GitHub Exploit DB Packet Storm

210263	7.5	HIGH Network	c-http_project	c-http	Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function.	CWE-120 Classic Buffer Overflow	CVE-2020-21574	2024-11-21 14:12	2021-11-3	Show	GitHub Exploit DB Packet Storm

210264	5.5	MEDIUM Local	image-processing_project	image-processing	An issue was discoverered in in abhijitnathwani image-processing v0.1.0, allows local attackers to cause a denial of service via a crafted image file.	CWE-400 Uncontrolled Resource Consumption	CVE-2020-21573	2024-11-21 14:12	2021-11-3	Show	GitHub Exploit DB Packet Storm

210265	7.5	HIGH Network	gilcc_project	gilcc	Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 trgil gilcc before commit 803969389ca9c06237075a7f8eeb1a19e6651759, allows attackers to cause a denial of service.	CWE-120 Classic Buffer Overflow	CVE-2020-21572	2024-11-21 14:12	2021-11-3	Show	GitHub Exploit DB Packet Storm

210266	7.5	HIGH Network	libiec_iccp_mod_project	libiec_iccp_mod	Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denail of service when trying to calloc an unexpectiedly large space.	CWE-120 Classic Buffer Overflow	CVE-2020-20658	2024-11-21 14:12	2021-11-3	Show	GitHub Exploit DB Packet Storm

210267	7.5	HIGH Network	libiec_iccp_mod_project	libiec_iccp_mod	Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows attackers to cause a denial of service via an unexpected packet while trying to connect.	CWE-120 Classic Buffer Overflow	CVE-2020-20657	2024-11-21 14:12	2021-11-3	Show	GitHub Exploit DB Packet Storm

210268	9.8	CRITICAL Network	cszcms	csz_cms	CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /core/MY_Security.php.	CWE-89 SQL Injection	CVE-2020-21250	2024-11-21 14:12	2021-10-28	Show	GitHub Exploit DB Packet Storm

210269	5.4	MEDIUM Network	akaunting	akaunting	Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name…	CWE-79 Cross-site Scripting	CVE-2020-20908	2024-11-21 14:12	2021-10-26	Show	GitHub Exploit DB Packet Storm

210270	5.4	MEDIUM Network	jeecms	jeecms_x	JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload.	CWE-79 Cross-site Scripting	CVE-2020-21729	2024-11-21 14:12	2021-10-8	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed