Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232181 5 警告 Quirm - SAXON における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-4861 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
232182 7.5 危険 webace - wls の start.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4846 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
232183 7.5 危険 rwscripts.com - RW::Download の UPLOAD/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4845 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
232184 4.3 警告 x-diesel - X-Diesel Unreal Commander におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4844 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
232185 5.8 警告 x-diesel - X-Diesel Unreal Commander におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4843 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
232186 7.5 危険 proxy anket - Proxy Anket の anket.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4837 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
232187 4.3 警告 phpmyquote - phpMyQuote の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4836 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
232188 7.5 危険 phpmyquote - phpMyQuote の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4835 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
232189 7.5 危険 phprealty - phpRealty における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4834 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
232190 2.6 注意 torrenttrader - TorrentTrader の account_settings.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4831 2012-12-20 18:33 2007-09-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211681 5.4 MEDIUM
Network 		yzmcms yzmcms In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/1.4.3.3/php/controller.php action parameter, which allows remote attackers to upload a swf file. The swf file can be injected wit… CWE-79
Cross-site Scripting 		CVE-2020-23370 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211682 6.1 MEDIUM
Network 		yzmcms yzmcms In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3. CWE-79
Cross-site Scripting 		CVE-2020-23369 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211683 7.8 HIGH
Local 		windscribe windscribe In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation. CWE-428
 Unquoted Search Path or Element 		CVE-2020-22809 2024-11-21 14:13 2021-05-10 Show GitHub Exploit DB Packet Storm
211684 8.8 HIGH
Network 		fork-cms fork_cms Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators. CWE-352
 Origin Validation Error 		CVE-2020-23264 2024-11-21 14:13 2021-05-7 Show GitHub Exploit DB Packet Storm
211685 6.1 MEDIUM
Network 		fork-cms fork_cms Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /… CWE-79
Cross-site Scripting 		CVE-2020-23263 2024-11-21 14:13 2021-05-7 Show GitHub Exploit DB Packet Storm
211686 4.9 MEDIUM
Network 		chamilo chamilo_lms Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to … CWE-269
 Improper Privilege Management 		CVE-2020-23128 2024-11-21 14:13 2021-05-6 Show GitHub Exploit DB Packet Storm
211687 8.8 HIGH
Network 		chamilo chamilo_lms Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user. CWE-352
 Origin Validation Error 		CVE-2020-23127 2024-11-21 14:13 2021-05-6 Show GitHub Exploit DB Packet Storm
211688 4.8 MEDIUM
Network 		solarwinds serv-u_ftp_server
serv-u_mft_server 		SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload. CWE-79
Cross-site Scripting 		CVE-2020-22428 2024-11-21 14:13 2021-05-5 Show GitHub Exploit DB Packet Storm
211689 9.8 CRITICAL
Network 		guojusoft jeecg Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDemoController.do?common… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-23083 2024-11-21 14:13 2021-05-4 Show GitHub Exploit DB Packet Storm
211690 6.1 MEDIUM
Network 		opnsense opnsense An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website. CWE-601
Open Redirect 		CVE-2020-23015 2024-11-21 14:13 2021-05-4 Show GitHub Exploit DB Packet Storm