Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248421	7.5	危険	gizzar	-	Gizzar の guest.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6527	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

248422	5.1	警告	dt guestbook	-	DT Guestbook の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6487	2012-06-26 15:38	2007-01-16	Show	GitHub Exploit DB Packet Storm

248423	7.5	危険	gizzar	-	Gizzar の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6526	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

248424	7.5	危険	ezhrs	-	EzHRS HR Assist の vdateUsr.asp における SQL インジェクションの脆弱性	-	CVE-2006-6525	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

248425	7.5	危険	ezhrs	-	EzHRS HR Assist の vdateUsr.asp における SQL インジェクションの脆弱性	-	CVE-2006-6524	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

248426	6.8	警告	cPanel	-	cPanel の BoxTrapper の mail/manage.html におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6523	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

248427	3.5	注意	flippet.org	-	Wawi における特定のディレクトリにアクセスされる脆弱性	-	CVE-2006-6514	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

248428	3.5	注意	flippet.org	-	Wawi の CControl::Download 関数におけるルート配下のファイルタイプをダウンロードされる脆弱性	-	CVE-2006-6513	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

248429	3.5	注意	flippet.org	-	Wawi の Browse 関数におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6512	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

248430	6.8	警告	dadaimc	-	dadaIMC における任意の PHP コードを実行される脆弱性	-	CVE-2006-6511	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210911	7.5	HIGH Network	secondline	podcast_importer_secondline	Server-side request forgery (SSRF) in the Podcast Importer SecondLine (podcast-importer-secondline) plugin 1.1.4 for WordPress via the podcast_feed parameter in a secondline_import_initialize action …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24149	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210912	9.1	CRITICAL Network	mooveagency	import_xml_and_rss_feeds	Server-side request forgery (SSRF) in the Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 for WordPress via the data parameter in a moove_read_xml action.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24148	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210913	9.1	CRITICAL Network	xylusthemes	wp_smart_import	Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24147	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210914	8.1	HIGH Network	cminds	cm_download_manager	Directory traversal in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows authorized users to delete arbitrary files and possibly cause a denial of service via the fi…	CWE-22 Path Traversal	CVE-2020-24146	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210915	6.1	MEDIUM Network	cminds	cm_download_manager	Cross Site Scripting (XSS) vulnerability in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted d…	CWE-79 Cross-site Scripting	CVE-2020-24145	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210916	8.6	HIGH Network	media_file_organizer_project	media_file_organizer	Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items[] …	CWE-22 Path Traversal	CVE-2020-24144	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210917	7.5	HIGH Network	ninjateam	video_downloader_for_tiktok	Directory traversal in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk…	CWE-22 Path Traversal	CVE-2020-24143	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210918	9.8	CRITICAL Network	ninjateam	video_downloader_for_tiktok	Server-side request forgery in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web app…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24142	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210919	5.3	MEDIUM Network	wp-downloadmanager_project	wp-downloadmanager	Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote p…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24141	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm

210920	6.5	MEDIUM Network	eram	myfax150_firmware myfax250_firmware myfax450_firmware	myFax version 229 logs sensitive information in the export log module which allows any user to access critical information.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2020-24038	2024-11-21 14:14	2021-07-7	Show	GitHub Exploit DB Packet Storm