Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231471	6.8	警告	pindorama	-	Pindorama の active/components/xmlrpc/client.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5387	2012-12-20 18:33	2007-10-12	Show	GitHub Exploit DB Packet Storm

231472	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5386	2012-12-20 18:33	2007-10-12	Show	GitHub Exploit DB Packet Storm

231473	2.6	注意	サン・マイクロシステムズ	-	Sun JVM におけるマルチピン DNS リバインド攻撃を実行される脆弱性	CWE-16 CWE-20	CVE-2007-5375	2012-12-20 18:33	2007-10-11	Show	GitHub Exploit DB Packet Storm

231474	6.8	警告	verlihub-project	-	VHCP の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 CWE-94	CVE-2007-5321	2012-12-20 18:33	2007-10-9	Show	GitHub Exploit DB Packet Storm

231475	5	警告	typolight	-	TYPOlight webCMS の preview.php における任意のファイルをダウンロードされる脆弱性	CWE-20 不適切な入力確認	CVE-2007-5318	2012-12-20 18:33	2007-10-9	Show	GitHub Exploit DB Packet Storm

231476	5	警告	SoftbizScripts	-	Softbiz Jobs and Recruitment Script の browsecats.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5316	2012-12-20 18:33	2007-10-9	Show	GitHub Exploit DB Packet Storm

231477	6.8	警告	softpedia	-	Softonic International SciTE における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5315	2012-12-20 18:33	2007-10-9	Show	GitHub Exploit DB Packet Storm

231478	6.8	警告	xkiosk	-	xKiosk WEB の system/funcs/xkurl.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5314	2012-12-20 18:33	2007-10-9	Show	GitHub Exploit DB Packet Storm

231479	7.5	危険	script-solution.de	-	Picturesolution の install/config.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5313	2012-12-20 18:33	2007-10-9	Show	GitHub Exploit DB Packet Storm

231480	4.3	警告	torrenttrader	-	TorrentTrader Classic におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5312	2012-12-20 18:33	2007-10-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210511	6.1	MEDIUM Network	zblogcn	zblogphp	Cross Site Scripting vulnerability found in ZblogCN ZblogPHP v.1.0 allows a local attacker to execute arbitrary code via a crafted payload in title parameter of the module management model.	CWE-79 Cross-site Scripting	CVE-2020-23327	2024-11-21 14:13	2023-04-5	Show	GitHub Exploit DB Packet Storm

210512	7.5	HIGH Network	jsish	jsish	An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the StringReplaceCmd function in the src/jsiChar.c file.	CWE-787 Out-of-bounds Write	CVE-2020-23260	2024-11-21 14:13	2023-04-5	Show	GitHub Exploit DB Packet Storm

210513	7.5	HIGH Network	jsish	jsish	An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the Jsi_Strlen function in the src/jsiChar.c file.	CWE-476 NULL Pointer Dereference	CVE-2020-23259	2024-11-21 14:13	2023-04-5	Show	GitHub Exploit DB Packet Storm

210514	7.5	HIGH Network	jsish	jsish	An issue found in Jsish v.3.0.11 allows a remote attacker to cause a denial of service via the Jsi_ValueIsNumber function in ./src/jsiValue.c file.	CWE-787 Out-of-bounds Write	CVE-2020-23258	2024-11-21 14:13	2023-04-5	Show	GitHub Exploit DB Packet Storm

210515	7.5	HIGH Network	espruino	espruino	Buffer Overflow vulnerability found in Espruino 2v05.41 allows an attacker to cause a denial of service via the function jsvGarbageCollectMarkUsed in file src/jsvar.c.	CWE-120 Classic Buffer Overflow	CVE-2020-23257	2024-11-21 14:13	2023-04-5	Show	GitHub Exploit DB Packet Storm

210516	6.1	MEDIUM Network	easycorp	zentao	Cross Site Scripting vulnerability found in Zentao allows a remote attacker to execute arbitrary code via the lang parameter	CWE-79 Cross-site Scripting	CVE-2020-22533	2024-11-21 14:13	2023-04-5	Show	GitHub Exploit DB Packet Storm

210517	9.8	CRITICAL Network	phpmyadmin	phpmyadmin	SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.	CWE-89 SQL Injection	CVE-2020-22452	2024-11-21 14:13	2023-01-27	Show	GitHub Exploit DB Packet Storm

210518	6.1	MEDIUM Network	hfish_project	hfish	An issue was discovered in HFish 0.5.1. When a payload is inserted where the name is entered, XSS code is triggered when the administrator views the information.	CWE-79 Cross-site Scripting	CVE-2020-22327	2024-11-21 14:13	2023-01-27	Show	GitHub Exploit DB Packet Storm

210519	9.8	CRITICAL Network	electerm_project	electerm	An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverified request to electerms service.	NVD-CWE-noinfo	CVE-2020-23256	2024-11-21 14:13	2023-01-21	Show	GitHub Exploit DB Packet Storm

210520	7.5	HIGH Network	ruckuswireless	r310_firmware r500_firmware r600_firmware t300_firmware t301n_firmware t301s_firmware scg200_firmware sz-100_firmware sz-300_firmware vsz_firmware zonedirector_1100_firm…	In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before …	CWE-77 Command Injection	CVE-2020-22662	2024-11-21 14:13	2023-01-21	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed