Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
246561	7.5	危険	DMXReady	-	DMXReady Member Directory Manager の CategoryManager/upload_image_category.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0427	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

246562	7.5	危険	DMXReady	-	DMXReady Classified Listings Manager の CategoryManager/upload_image_category.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0426	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

246563	7.5	危険	blue eye cms	-	Blue Eye CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0425	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

246564	4.3	警告	an guestbook	-	AN Guestbook (ANG) の sign1.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0424	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

246565	4.3	警告	agavi	-	Agavi の AgaviWebRouting::gen(null) メソッドにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0417	2012-06-26 16:10	2009-02-10	Show	GitHub Exploit DB Packet Storm

246566	7.5	危険	community cms	-	Community CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0406	2012-06-26 16:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

246567	4.3	警告	Bioinformatics	-	Bioinformatics htmLawed におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0404	2012-06-26 16:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

246568	7.5	危険	Chipmunk Scripts	-	Chipmunk Blogger Script の admin/authenticate.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0403	2012-06-26 16:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

246569	7.5	危険	GPLHost	-	DTC の client/new_account.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0402	2012-06-26 16:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

246570	7.5	危険	ephpscripts	-	E-Php CMS の browsecats.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0401	2012-06-26 16:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
218431	9.8	CRITICAL Network	openiam	openiam	OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions.	NVD-CWE-Other	CVE-2020-13421	2024-11-21 14:01	2021-04-7	Show	GitHub Exploit DB Packet Storm

218432	9.8	CRITICAL Network	openiam	openiam	OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script.	NVD-CWE-noinfo	CVE-2020-13420	2024-11-21 14:01	2021-04-7	Show	GitHub Exploit DB Packet Storm

218433	5.3	MEDIUM Network	openiam	openiam	OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task.	CWE-22 Path Traversal	CVE-2020-13419	2024-11-21 14:01	2021-04-7	Show	GitHub Exploit DB Packet Storm

218434	6.1	MEDIUM Network	openiam	openiam	OpenIAM before 4.2.0.3 allows XSS in the Add New User feature.	CWE-79 Cross-site Scripting	CVE-2020-13418	2024-11-21 14:01	2021-04-7	Show	GitHub Exploit DB Packet Storm

218435	8.8	HIGH Network	webkitgtk	webkitgtk	A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.	CWE-416 Use After Free	CVE-2020-13558	2024-11-21 14:01	2021-03-4	Show	GitHub Exploit DB Packet Storm

218436	7.8	HIGH Local	advantech	webaccess\/scada	An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation …	CWE-276 Incorrect Default Permissions	CVE-2020-13554	2024-11-21 14:01	2021-03-4	Show	GitHub Exploit DB Packet Storm

218437	6.1	MEDIUM Network	nanohttpd	nanohttpd	An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2.3.1. The GeneralHandler class implements a basic GET handler that prints debug information as an HTML page. Any web server that …	CWE-79 Cross-site Scripting	CVE-2020-13697	2024-11-21 14:01	2021-02-23	Show	GitHub Exploit DB Packet Storm

218438	7.8	HIGH Local	sytech	xlreporter	An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite…	CWE-276 Incorrect Default Permissions	CVE-2020-13549	2024-11-21 14:01	2021-02-20	Show	GitHub Exploit DB Packet Storm

218439	8.8	HIGH Local	advantech	webaccess\/scada	An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attack…	CWE-276 Incorrect Default Permissions	CVE-2020-13555	2024-11-21 14:01	2021-02-18	Show	GitHub Exploit DB Packet Storm

218440	8.8	HIGH Local	advantech	webaccess\/scada	An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation …	CWE-276 Incorrect Default Permissions	CVE-2020-13553	2024-11-21 14:01	2021-02-18	Show	GitHub Exploit DB Packet Storm