Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231831	7.5	危険	taskdriver	-	TaskDriver における SQL インジェクションの脆弱性	-	CVE-2007-2622	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231832	4.6	警告	シマンテック	-	Symantec pcAnywhere における資格情報を取得される脆弱性	-	CVE-2007-2619	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231833	2.1	注意	サン・マイクロシステムズ	-	Sun Solaris の SRS Net Connect Software Proxy Core パッケージにおける任意のファイルの最初の行を読まれる脆弱性	-	CVE-2007-2617	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231834	7.5	危険	phphtmllib	-	phpHtmlLib の examples/widget8.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2614	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231835	8.3	危険	Wikka Development Team	-	WikkaWiki における任意の設定ファイルをアップロードされる脆弱性	-	CVE-2007-2613	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231836	7.5	危険	Wikka Development Team	-	WikkaWiki の libs/Wakka.class.php における SQL インジェクションの脆弱性	-	CVE-2007-2612	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231837	6.8	警告	wavelink media	-	TutorialCMS におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2600	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231838	7.5	危険	wavelink media	-	TutorialCMS における SQL インジェクションの脆弱性	-	CVE-2007-2599	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231839	10	危険	Simplenews Project	-	SimpleNews の print.php における SQL インジェクションの脆弱性	-	CVE-2007-2598	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

231840	7.5	危険	telltargetcms	-	telltarget CMS における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2597	2012-12-20 18:19	2007-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211991	6.1	MEDIUM Network	1234n	minicms	Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote attackers to execute arbitrary code by injecting commands via a crafted HTTP request to the component "/mc-admin/post-edit.php".	CWE-79 Cross-site Scripting	CVE-2020-17999	2024-11-21 14:08	2021-04-29	Show	GitHub Exploit DB Packet Storm

211992	9.8	CRITICAL Network	phpshe	mall_system	SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" compo…	CWE-89 SQL Injection	CVE-2020-18020	2024-11-21 14:08	2021-04-28	Show	GitHub Exploit DB Packet Storm

211993	7.5	HIGH Network	xinfu	oa_system	SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "m…	CWE-89 SQL Injection	CVE-2020-18019	2024-11-21 14:08	2021-04-28	Show	GitHub Exploit DB Packet Storm

211994	7.5	HIGH Network	apache	ozone	The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default. The current security vulnerability allows access to keys and buckets through a curl comma…	CWE-306 Missing Authentication for Critical Function	CVE-2020-17517	2024-11-21 14:08	2021-04-27	Show	GitHub Exploit DB Packet Storm

211995	5.4	MEDIUM Network	dotcms	dotcms	Cross Site Scripting (XSS) in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin/#/c/workflow" co…	CWE-79 Cross-site Scripting	CVE-2020-17542	2024-11-21 14:08	2021-04-24	Show	GitHub Exploit DB Packet Storm

211996	9.1	CRITICAL Network	feifeicms	feifeicms	Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the " Admin/DataAction.class.php" component.	CWE-22 Path Traversal	CVE-2020-17564	2024-11-21 14:08	2021-04-23	Show	GitHub Exploit DB Packet Storm

211997	9.1	CRITICAL Network	feifeicms	feifeicms	Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to " /index.php?s=/admin-tpl-del&id=".	CWE-22 Path Traversal	CVE-2020-17563	2024-11-21 14:08	2021-04-23	Show	GitHub Exploit DB Packet Storm

211998	6.1	MEDIUM Network	wso2	identity_server_as_key_manager enterprise_integrator api_microgateway identity_server api_manager_analytics identity_server_analytics micro_integrator api_manager	WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.	CWE-79 Cross-site Scripting	CVE-2020-17453	2024-11-21 14:08	2021-04-6	Show	GitHub Exploit DB Packet Storm

211999	5.4	MEDIUM Network	fujitsu	serverview_remote_management	Fujitsu ServerView Suite iRMC before 9.62F allows XSS. An authenticated attacker can store an XSS payload in the PSCU_FILE_INIT field of a Save Configuration XML document. The payload is triggered in…	CWE-79 Cross-site Scripting	CVE-2020-17457	2024-11-21 14:08	2021-03-18	Show	GitHub Exploit DB Packet Storm

212000	7.5	HIGH Network	apache debian	subversion debian_linux	Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repositor…	CWE-476 NULL Pointer Dereference	CVE-2020-17525	2024-11-21 14:08	2021-03-17	Show	GitHub Exploit DB Packet Storm