Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231911	7.5	危険	php-generics	-	PHP-Generics における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2346	2012-12-20 18:19	2007-04-27	Show	GitHub Exploit DB Packet Storm

231912	7.5	危険	phpbandmanager	-	phpBandManager の suite/index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2341	2012-12-20 18:19	2007-04-27	Show	GitHub Exploit DB Packet Storm

231913	6.8	警告	phporacleview	-	phporacleview の inc/include_all.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2340	2012-12-20 18:19	2007-04-27	Show	GitHub Exploit DB Packet Storm

231914	7.5	危険	shop-script	-	Shop-Script の cart.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2331	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

231915	7.5	危険	searchactivity	-	Searchactivity の searchbot.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2329	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

231916	7.5	危険	phpmytgp	-	phpMYTGP の addvip.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2328	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

231917	10	危険	SilverStripe	-	SilverStripe の検索機能における脆弱性	-	CVE-2007-2321	2012-12-20 18:19	2007-04-17	Show	GitHub Exploit DB Packet Storm

231918	7.5	危険	VWar	-	PHP-Nuke 用の VWar モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2312	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

231919	7.5	危険	webkalk2	-	WebKalk2 の engine/engine.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2307	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

231920	4.3	警告	VWar	-	PHP-Nuke 用の VWar モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2306	2012-12-20 18:19	2007-04-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211901	4.8	MEDIUM Network	damicms	damicms	Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php.	CWE-79 Cross-site Scripting	CVE-2020-18451	2024-11-21 14:08	2021-08-13	Show	GitHub Exploit DB Packet Storm

211902	5.4	MEDIUM Network	ukcms	ukcms	Cross Site Scripting (XSS) vulnerability exists in UKCMS v1.1.10 via data in the index function in Single.php	CWE-79 Cross-site Scripting	CVE-2020-18449	2024-11-21 14:08	2021-08-13	Show	GitHub Exploit DB Packet Storm

211903	4.8	MEDIUM Network	yunucms	yunucms	Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the param parameter in the insertContent function in ContentModel.php.	CWE-79 Cross-site Scripting	CVE-2020-18446	2024-11-21 14:08	2021-08-13	Show	GitHub Exploit DB Packet Storm

211904	6.1	MEDIUM Network	yunucms	yunucms	Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php.	CWE-79 Cross-site Scripting	CVE-2020-18445	2024-11-21 14:08	2021-08-13	Show	GitHub Exploit DB Packet Storm

211905	8.8	HIGH Network	ignitedcms	ignitedcms	Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via the component "/admin/profile/save_profile".	CWE-352 Origin Validation Error	CVE-2020-18694	2024-11-21 14:08	2021-08-7	Show	GitHub Exploit DB Packet Storm

211906	5.4	MEDIUM Network	mineweb	minewebcms	Cross Site Scripting (XSS) in MineWebCMS v1.7.0 allows remote attackers to execute arbitrary code by injecting malicious code into the 'Title' field of the component '/admin/news'.	CWE-79 Cross-site Scripting	CVE-2020-18693	2024-11-21 14:08	2021-08-7	Show	GitHub Exploit DB Packet Storm

211907	5.4	MEDIUM Network	yzmcms	yzmcms	Cross Site Scripting (XSS) vulnerabiity in YzmCMS 5.2 via the site_code parameter in admin/index/init.html.	CWE-79 Cross-site Scripting	CVE-2020-19118	2024-11-21 14:08	2021-07-30	Show	GitHub Exploit DB Packet Storm

211908	9.8	CRITICAL Network	metinfo	metinfo	SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd action in basic.php.	CWE-89 SQL Injection	CVE-2020-18175	2024-11-21 14:08	2021-07-30	Show	GitHub Exploit DB Packet Storm

211909	5.4	MEDIUM Network	hucart	hucart	Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php.	CWE-79 Cross-site Scripting	CVE-2020-18158	2024-11-21 14:08	2021-07-30	Show	GitHub Exploit DB Packet Storm

211910	8.8	HIGH Network	metinfo	metinfo	Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/index.php.	CWE-352 Origin Validation Error	CVE-2020-18157	2024-11-21 14:08	2021-07-30	Show	GitHub Exploit DB Packet Storm