Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248391	5	警告	alientrap	-	Nexuiz におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6609	2012-06-26 15:38	2006-12-17	Show	GitHub Exploit DB Packet Storm

248392	7.5	危険	clarens	-	Clarens jclarens における SQL インジェクションの脆弱性	-	CVE-2006-6606	2012-06-26 15:38	2006-12-17	Show	GitHub Exploit DB Packet Storm

248393	7.5	危険	exlor	-	EXlor の fonctions/template.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6591	2012-06-26 15:38	2006-12-15	Show	GitHub Exploit DB Packet Storm

248394	6.8	警告	Apache Software Foundation	-	Apache OFBiz および Opentaps の ecommerce/control/keywordsearch におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6589	2012-06-26 15:38	2006-12-15	Show	GitHub Exploit DB Packet Storm

248395	7.5	危険	Apache Software Foundation	-	Apache OFBiz のフォーラム実装におけるコンテンツを改ざんされる脆弱性	-	CVE-2006-6588	2012-06-26 15:38	2006-12-15	Show	GitHub Exploit DB Packet Storm

248396	6.8	警告	Apache Software Foundation	-	Apache OFBiz の ecommerce コンポーネントにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6587	2012-06-26 15:38	2006-12-15	Show	GitHub Exploit DB Packet Storm

248397	7.5	危険	brian drawert	-	Brian Drawert yaplap の ldap.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6575	2012-06-26 15:38	2006-12-15	Show	GitHub Exploit DB Packet Storm

248398	6	警告	シトリックス・システムズ	-	Citrix Access Gateway Advanced Edition および Citrix Access Gateway Advanced Edition with AAC におけるデータへのアクセス権を取得される脆弱性	-	CVE-2006-6573	2012-06-26 15:38	2006-11-4	Show	GitHub Exploit DB Packet Storm

248399	6.5	警告	シトリックス・システムズ	-	Citrix AAC Option および Access Gateway with Advanced Access Control におけるアクセスポリシーを回避される脆弱性	-	CVE-2006-6572	2012-06-26 15:38	2006-11-4	Show	GitHub Exploit DB Packet Storm

248400	6.8	警告	genesistrader	-	GenesisTrader の form.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6571	2012-06-26 15:38	2006-12-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211431	5.5	MEDIUM Local	coreftp	core_ftp	Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox.	CWE-120 Classic Buffer Overflow	CVE-2020-21588	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

211432	9.8	CRITICAL Network	emlog	emlog	Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-21585	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

211433	5.4	MEDIUM Network	seeyon	g6_government_collaborative_system	Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'.	CWE-79 Cross-site Scripting	CVE-2020-20545	2024-11-21 14:12	2021-03-30	Show	GitHub Exploit DB Packet Storm

211434	9.8	CRITICAL Network	inspur	clusterengine	A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server	CWE-88 Argument Injection	CVE-2020-21224	2024-11-21 14:12	2021-02-23	Show	GitHub Exploit DB Packet Storm

211435	9.8	CRITICAL Network	koa2-blog_project	koa2-blog	Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signup page.	CWE-89 SQL Injection	CVE-2020-21180	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm

211436	9.8	CRITICAL Network	koa2-blog_project	koa2-blog	Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signin page.	CWE-89 SQL Injection	CVE-2020-21179	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm

211437	9.8	CRITICAL Network	thinkjs	thinkjs	SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter.	CWE-89 SQL Injection	CVE-2020-21176	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm

211438	9.8	CRITICAL Network	cmswing	cmswing	An issue was found in CMSWing project version 1.3.8, Because the rechargeAction function does not check the balance parameter, malicious parameters can execute arbitrary SQL commands.	CWE-89 SQL Injection	CVE-2020-20296	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm

211439	9.8	CRITICAL Network	cmswing	cmswing	An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL commands.	CWE-89 SQL Injection	CVE-2020-20295	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm

211440	9.8	CRITICAL Network	cmswing	cmswing	An issue was found in CMSWing project version 1.3.8. Because the log function does not check the log parameter, malicious parameters can execute arbitrary commands.	CWE-89 SQL Injection	CVE-2020-20294	2024-11-21 14:12	2021-02-2	Show	GitHub Exploit DB Packet Storm