Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231481 5 警告 Tincan - Webbler CMS における任意の数量の偽装メールを送信される脆弱性 - CVE-2007-4073 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
231482 5 警告 Tincan - Webbler CMS における重要な情報を取得される脆弱性 - CVE-2007-4072 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
231483 4.3 警告 Tincan - Webbler CMS の uploader/index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4071 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
231484 5.8 警告 webyapar - Webyapar における SQL インジェクションの脆弱性 - CVE-2007-4068 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
231485 5.8 警告 VMware - EMC VMware の IntraProcessLogging.dll における絶対パストラバーサルの脆弱性 - CVE-2007-4059 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
231486 4.6 警告 ultradefrag - UltraDefrag の FindFiles 関数におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-4051 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
231487 4.3 警告 phpsysinfo - phpSysInfo の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4048 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
231488 5 警告 securecomputing - Secure Computing SecurityReporter の file.cgi における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-4043 2012-12-20 18:33 2007-07-27 Show GitHub Exploit DB Packet Storm
231489 9.3 危険 Yahoo! - Yahoo! Widgets の YDPCTL.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4034 2012-12-20 18:33 2007-07-27 Show GitHub Exploit DB Packet Storm
231490 7.5 危険 webSPELL - Webspell の index.php における絶対パストラバーサルの脆弱性 - CVE-2007-4028 2012-12-20 18:33 2007-07-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210631 7.5 HIGH
Network 		zblogcn z-blogphp Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zb_user/plugin/passwordvisit/include.php:passwordvisit_inp… NVD-CWE-Other
CVE-2020-23352 2024-11-21 14:13 2021-01-28 Show GitHub Exploit DB Packet Storm
210632 7.5 HIGH
Network 		newbee-mall_project newbee-mall newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. Unauthorized changes can be made to any user information t… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-23449 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm
210633 9.8 CRITICAL
Network 		newbee-mall_project newbee-mall newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code… CWE-306
CWE-706
Missing Authentication for Critical Function
 Use of Incorrectly-Resolved Name or Reference 		CVE-2020-23448 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm
210634 6.1 MEDIUM
Network 		newbee-mall_project newbee-mall newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xss payload in their address information when buying goods, which is triggered when viewing the "View… CWE-79
Cross-site Scripting 		CVE-2020-23447 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm
210635 9.8 CRITICAL
Network 		mingsoft mcms An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do. CWE-89
SQL Injection 		CVE-2020-23262 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm
210636 7.5 HIGH
Network 		pyres termod4_firmware Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-23162 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm
210637 6.5 MEDIUM
Network 		pyres termod4_firmware Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu a… CWE-22
Path Traversal 		CVE-2020-23161 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm
210638 8.8 HIGH
Network 		pyres termod4_firmware Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices. NVD-CWE-noinfo
CVE-2020-23160 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm
210639 5.4 MEDIUM
Network 		apfell_project apfell APfell 1.4 is vulnerable to authenticated reflected cross-site scripting (XSS) in /apiui/command_ through the payloadtypes_callback function, which allows an attacker to steal remote admin/user sessi… CWE-79
Cross-site Scripting 		CVE-2020-23014 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm
210640 7.2 HIGH
Network 		feehi feehi_cms Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to pote… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-22643 2024-11-21 14:13 2021-01-27 Show GitHub Exploit DB Packet Storm