Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231751 10 危険 visionsoft - Visionsoft Audit の VSAOD における任意のファイルを作成される脆弱性 - CVE-2007-4149 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
231752 10 危険 visionsoft - Visionsoft Audit の VSAOD におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-4148 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
231753 4.3 警告 webevents - ebEvent の webevent.cgi におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4146 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
231754 4 警告 phpcoupon - phpCoupon の Billing Control Panel における Premium Member ステイタスを取得される脆弱性 - CVE-2007-4143 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
231755 4.3 警告 WordPress.org - WordPress の Temporary Uploads 編集機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4139 2012-12-20 18:33 2007-08-3 Show GitHub Exploit DB Packet Storm
231756 6.5 警告 レッドハット - Red Hat Network Satellite Server における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2007-4132 2012-12-20 18:33 2007-08-29 Show GitHub Exploit DB Packet Storm
231757 7.5 危険 suskunduygular - SuskunDuygular Uyelik Sistemi の unuttum.asp における SQL インジェクションの脆弱性 - CVE-2007-4114 2012-12-20 18:33 2007-07-31 Show GitHub Exploit DB Packet Storm
231758 7.5 危険 phpmyforum - phpMyForum の editpost.php における SQL インジェクションの脆弱性 - CVE-2007-4107 2012-12-20 18:33 2007-06-7 Show GitHub Exploit DB Packet Storm
231759 4.3 警告 sblog - sBlog の search.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4102 2012-12-20 18:33 2007-07-31 Show GitHub Exploit DB Packet Storm
231760 5.8 警告 The Tor Project - Tor における重要な情報を取得される脆弱性 - CVE-2007-4099 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211001 5.4 MEDIUM
Network 		akaunting akaunting Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name… CWE-79
Cross-site Scripting 		CVE-2020-20908 2024-11-21 14:12 2021-10-26 Show GitHub Exploit DB Packet Storm
211002 5.4 MEDIUM
Network 		jeecms jeecms_x JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. CWE-79
Cross-site Scripting 		CVE-2020-21729 2024-11-21 14:12 2021-10-8 Show GitHub Exploit DB Packet Storm
211003 9.8 CRITICAL
Network 		opensns opensns OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter. CWE-89
SQL Injection 		CVE-2020-21726 2024-11-21 14:12 2021-10-8 Show GitHub Exploit DB Packet Storm
211004 9.8 CRITICAL
Network 		opensns opensns OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter. CWE-89
SQL Injection 		CVE-2020-21725 2024-11-21 14:12 2021-10-8 Show GitHub Exploit DB Packet Storm
211005 9.8 CRITICAL
Network 		thinkphp50-cms_project thinkphp50-cms ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha. NVD-CWE-noinfo
CVE-2020-21865 2024-11-21 14:12 2021-10-8 Show GitHub Exploit DB Packet Storm
211006 6.5 MEDIUM
Network 		wdja wdja_cms A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL. CWE-352
 Origin Validation Error 		CVE-2020-21658 2024-11-21 14:12 2021-10-7 Show GitHub Exploit DB Packet Storm
211007 5.4 MEDIUM
Network 		xyhcms xyhcms XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=/Link/index. CWE-79
Cross-site Scripting 		CVE-2020-21656 2024-11-21 14:12 2021-10-7 Show GitHub Exploit DB Packet Storm
211008 7.2 HIGH
Network 		emlog emlog emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file. NVD-CWE-noinfo
CVE-2020-21654 2024-11-21 14:12 2021-10-7 Show GitHub Exploit DB Packet Storm
211009 9.1 CRITICAL
Network 		myucms_project myucms Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-21653 2024-11-21 14:12 2021-10-7 Show GitHub Exploit DB Packet Storm
211010 9.8 CRITICAL
Network 		myucms_project myucms Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method. CWE-94
Code Injection 		CVE-2020-21652 2024-11-21 14:12 2021-10-7 Show GitHub Exploit DB Packet Storm