Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248271 4.3 警告 CKEditor Team - FCKEditorto の "Basic Toolbar Selection" におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-6978 2012-06-26 15:38 2007-02-8 Show GitHub Exploit DB Packet Storm
248272 4.3 警告 freetextbox - FreeTextBox の "Basic Toolbar Selection" におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-6977 2012-06-26 15:38 2007-02-8 Show GitHub Exploit DB Packet Storm
248273 7.5 危険 centipaid - CentiPaid の centipaid_class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6976 2012-06-26 15:38 2007-02-8 Show GitHub Exploit DB Packet Storm
248274 7.5 危険 bti-tracker - BtitTracker の torrents.php における SQL インジェクションの脆弱性 - CVE-2006-6972 2012-06-26 15:38 2007-02-7 Show GitHub Exploit DB Packet Storm
248275 4.3 警告 Andreas Gohr - DokuWiki の lib/exe/fetch.php におけるCRLF インジェクションの脆弱性 - CVE-2006-6965 2012-06-26 15:38 2007-01-29 Show GitHub Exploit DB Packet Storm
248276 7.5 危険 Docebo - Docebo LMS における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6963 2012-06-26 15:38 2007-01-29 Show GitHub Exploit DB Packet Storm
248277 6.8 警告 Docebo - Docebo の addons/mod_media/body.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6957 2012-06-26 15:38 2007-01-29 Show GitHub Exploit DB Packet Storm
248278 7.5 危険 Bitweaver - bitweaver の newsletters/edition.php における SQL インジェクションの脆弱性 - CVE-2006-6923 2012-06-26 15:38 2007-01-12 Show GitHub Exploit DB Packet Storm
248279 7.5 危険 deadlock user management system - phpdeadlock における SQL インジェクションの脆弱性 - CVE-2006-6922 2012-06-26 15:38 2007-01-12 Show GitHub Exploit DB Packet Storm
248280 10 危険 geobb - GeoBB の Admin ログインにおける詳細不明な脆弱性 - CVE-2006-6918 2012-06-26 15:38 2007-01-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211371 6.1 MEDIUM
Network 		froala froala_editor A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute arbitrary web scripts or HTML. CWE-79
Cross-site Scripting 		CVE-2020-22864 2024-11-21 14:13 2021-10-27 Show GitHub Exploit DB Packet Storm
211372 7.5 HIGH
Network 		dropouts super_backup Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path parameter of the `list` and `download` module which allows attackers to perform a directory traversal via … CWE-22
Path Traversal 		CVE-2020-23061 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm
211373 7.1 HIGH
Local 		tonec internet_download_manager Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a cra… CWE-787
 Out-of-bounds Write 		CVE-2020-23060 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm
211374 4.6 MEDIUM
Physics 		file_explorer_project file_explorer An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data. CWE-287
Improper Authentication 		CVE-2020-23058 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm
211375 5.4 MEDIUM
Network 		lancom-systems lcos ANCOM WLAN Controller (Wireless Series & Hotspot) WLC-1000 & WLC-4006 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the /authen/start/ module via the userid and pas… CWE-79
Cross-site Scripting 		CVE-2020-23055 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm
211376 6.1 MEDIUM
Network 		user-agent_switcher_and_manager_project user-agent_switcher_and_manager A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the user agent input fie… CWE-79
Cross-site Scripting 		CVE-2020-23054 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm
211377 5.4 MEDIUM
Network 		catalyst mahara Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component groupfiles.php via the Number (Nombre) and Description (Descripción)… CWE-79
Cross-site Scripting 		CVE-2020-23052 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm
211378 6.1 MEDIUM
Network 		user_registration_\&_login_and_user_management_system_with_admin_panel_project user_registration_\&_login_and_user_management_system_with_admin_panel Phpgurukul User Registration & User Management System v2.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the regist… CWE-79
Cross-site Scripting 		CVE-2020-23051 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm
211379 8.0 HIGH
Network 		taotesting tao_assessment_platform TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows atta… CWE-74
Injection 		CVE-2020-23050 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm
211380 5.4 MEDIUM
Network 		fork-cms fork_cms Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the `Displayname` field when using the `Add`, `Edit` or `Register' functions. This vu… CWE-79
Cross-site Scripting 		CVE-2020-23049 2024-11-21 14:13 2021-10-23 Show GitHub Exploit DB Packet Storm