Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231281	2.1	注意	XWiki	-	XWiki Enterprise の Multiwiki プラグインにおける重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2007-4898	2012-12-20 18:33	2007-09-14	Show	GitHub Exploit DB Packet Storm

231282	4.3	警告	toms-seiten.at	-	Toms Gaestebuch の admin/header.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4896	2012-12-20 18:33	2007-09-14	Show	GitHub Exploit DB Packet Storm

231283	5	警告	sisfo kampus	-	Semarang 3 の dwoprn.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4895	2012-12-20 18:33	2007-09-14	Show	GitHub Exploit DB Packet Storm

231284	7.5	危険	WordPress.org	-	Wordpress および MU における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4894	2012-12-20 18:33	2007-09-8	Show	GitHub Exploit DB Packet Storm

231285	4.3	警告	WordPress.org	-	Wordpress および MU の wp-admin/admin-functions.php におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-4893	2012-12-20 18:33	2007-09-8	Show	GitHub Exploit DB Packet Storm

231286	7.5	危険	swsoft	-	Windows 用の SWSoft Plesk における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4892	2012-12-20 18:33	2007-09-14	Show	GitHub Exploit DB Packet Storm

231287	3.5	注意	XWiki	-	XWiki の "You are not allowed ..." のエラーハンドラにおける任意のドキュメントを読み取られる脆弱性	CWE-DesignError	CVE-2007-4888	2012-12-20 18:33	2007-01-11	Show	GitHub Exploit DB Packet Storm

231288	4.3	警告	techexcel inc.	-	TechExcel CustomerWise におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4882	2012-12-20 18:33	2007-09-13	Show	GitHub Exploit DB Packet Storm

231289	7.5	危険	psi-labs	-	psisns の profile/myprofile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4881	2012-12-20 18:33	2007-09-13	Show	GitHub Exploit DB Packet Storm

231290	5	警告	Simplenews Project	-	SimpNews における任意の .inc ファイルをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-4873	2012-12-20 18:33	2007-09-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210461	8.8	HIGH Network	indionetworks	unibox_u50_firmware unibox_u500_firmware unibox_u1000_firmware unibox_u2500_firmware unibox_u5000_firmware	Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduse…	CWE-352 Origin Validation Error	CVE-2020-21884	2024-11-21 14:12	2021-04-9	Show	GitHub Exploit DB Packet Storm

210462	8.8	HIGH Network	indionetworks	unibox_u50_firmware unibox_u500_firmware unibox_u1000_firmware unibox_u2500_firmware unibox_u5000_firmware	Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.	CWE-78 OS Command	CVE-2020-21883	2024-11-21 14:12	2021-04-9	Show	GitHub Exploit DB Packet Storm

210463	4.3	MEDIUM Network	wuzhicms	wuzhicms	Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows attackers to list files in arbitrary directories via the dir parameter.	CWE-22 Path Traversal	CVE-2020-21590	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

210464	5.5	MEDIUM Local	coreftp	core_ftp	Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox.	CWE-120 Classic Buffer Overflow	CVE-2020-21588	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

210465	9.8	CRITICAL Network	emlog	emlog	Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-21585	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

210466	5.4	MEDIUM Network	seeyon	g6_government_collaborative_system	Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'.	CWE-79 Cross-site Scripting	CVE-2020-20545	2024-11-21 14:12	2021-03-30	Show	GitHub Exploit DB Packet Storm

210467	9.8	CRITICAL Network	inspur	clusterengine	A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server	CWE-88 Argument Injection	CVE-2020-21224	2024-11-21 14:12	2021-02-23	Show	GitHub Exploit DB Packet Storm

210468	9.8	CRITICAL Network	koa2-blog_project	koa2-blog	Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signup page.	CWE-89 SQL Injection	CVE-2020-21180	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm

210469	9.8	CRITICAL Network	koa2-blog_project	koa2-blog	Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signin page.	CWE-89 SQL Injection	CVE-2020-21179	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm

210470	9.8	CRITICAL Network	thinkjs	thinkjs	SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter.	CWE-89 SQL Injection	CVE-2020-21176	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed