Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231271 7.5 危険 simpcms - SimpCMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4953 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231272 5.1 警告 webmedia explorer - webmex における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4948 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231273 6.8 警告 phpffl - phpFFL における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4935 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231274 4.6 警告 phpffl - phpFFL における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4934 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231275 7.5 危険 shop-script - Shop-Script の includes/admin/sub/conf_appearence.php における任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4933 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231276 7.5 危険 shop-script - Shop-Script の admin.php における admin パネルへアクセスされる脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4932 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231277 4.3 警告 php-stats - PHP-Stats の tracking.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4917 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
231278 9.3 危険 WinSCP - WinSCP におけるリモートサーバで任意のファイル転送を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4909 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
231279 7.5 危険 Qualiteam Software Limited - X-Cart における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4907 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
231280 4.3 警告 リアルネットワークス - RealNetworks RealPlayer および Helix Player におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2007-4904 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210421 6.1 MEDIUM
Network 		feehi feehicms Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag. CWE-79
Cross-site Scripting 		CVE-2020-20589 2024-11-21 14:12 2022-12-16 Show GitHub Exploit DB Packet Storm
210422 9.8 CRITICAL
Network 		dlink dir-846_firmware D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php. NVD-CWE-noinfo
CVE-2020-21016 2024-11-21 14:12 2022-10-31 Show GitHub Exploit DB Packet Storm
210423 9.8 CRITICAL
Network 		feehi feehicms There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8 at the head image upload, that allows attackers to execute relevant PHP code. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-21516 2024-11-21 14:12 2022-09-7 Show GitHub Exploit DB Packet Storm
210424 9.8 CRITICAL
Network 		zohocorp manageengine_analytics_plus Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code. CWE-22
Path Traversal 		CVE-2020-21642 2024-11-21 14:12 2022-08-16 Show GitHub Exploit DB Packet Storm
210425 7.5 HIGH
Network 		zohocorp manageengine_analytics_plus Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via… CWE-611
XXE 		CVE-2020-21641 2024-11-21 14:12 2022-08-16 Show GitHub Exploit DB Packet Storm
210426 7.5 HIGH
Network 		wkhtmltopdf
debian 		wkhtmltopdf
debian_linux 		Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configu… CWE-22
Path Traversal 		CVE-2020-21365 2024-11-21 14:12 2022-08-16 Show GitHub Exploit DB Packet Storm
210427 7.5 HIGH
Network 		v88_smart_tv_box_project
rk_max_smart_tv_box_project 		v88_smart_tv_box_firmware
rk_max_smart_tv_box_firmware 		An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service. NVD-CWE-noinfo
CVE-2020-21406 2024-11-21 14:12 2022-07-21 Show GitHub Exploit DB Packet Storm
210428 7.5 HIGH
Network 		h96tvbox h96_pro_plus_firmware An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via calls to the saveDeepColorAttr service.unk CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-21405 2024-11-21 14:12 2022-07-21 Show GitHub Exploit DB Packet Storm
210429 4.8 MEDIUM
Network 		prestashop prestashop File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page. CWE-79
Cross-site Scripting 		CVE-2020-21967 2024-11-21 14:12 2022-07-14 Show GitHub Exploit DB Packet Storm
210430 6.1 MEDIUM
Network 		ruckuswireless zonedirector_firmware Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0. CWE-79
Cross-site Scripting 		CVE-2020-21161 2024-11-21 14:12 2022-06-28 Show GitHub Exploit DB Packet Storm