Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248431 4.3 警告 AlstraSoft - AlstraSoft SMS Text Messaging Enterprise におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4079 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
248432 4.3 警告 AlstraSoft - AlstraSoft Text Ads Enterprise におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4078 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
248433 4.3 警告 AlstraSoft - AlstraSoft Video Share Enterprise におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4077 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
248434 7.5 危険 ASP indir - Alisveris Sitesi Scripti の index.asp における SQL インジェクションの脆弱性 - CVE-2007-4076 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
248435 4.3 警告 ASP indir - Alisveris Sitesi Scripti の index.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4075 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
248436 10 危険 SUSE
centre for speech technology research		 - Gentoo Linux などの CSTR Festival のディフォルト設定における任意のコマンドを実行される脆弱性 CWE-16
環境設定 		CVE-2007-4074 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
248437 9.3 危険 clever components - Clever Internet ActiveX Suite の CLINETSUITEX6.OCX の clInetSuiteX6.clWebDav ActiveX コントロールにおける絶対パストラバーサルの脆弱性 - CVE-2007-4067 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
248438 4.3 警告 Drupal - Drupal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4064 2012-06-26 15:54 2007-07-26 Show GitHub Exploit DB Packet Storm
248439 4.3 警告 Drupal - Drupal におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-4063 2012-06-26 15:54 2007-07-26 Show GitHub Exploit DB Packet Storm
248440 9 危険 frank yaul - Frank Yaul corehttp の http.c の HttpSprockMake 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-4060 2012-06-26 15:54 2007-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210371 2.7 LOW
Network 		lightbend play_framework An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior … NVD-CWE-Other
CVE-2020-28923 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210372 7.2 HIGH
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious file… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-28939 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210373 5.4 MEDIUM
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users. CWE-79
Cross-site Scripting 		CVE-2020-28938 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210374 7.5 HIGH
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Prot… CWE-306
CWE-425
Missing Authentication for Critical Function
 Direct Request ('Forced Browsing') 		CVE-2020-28937 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210375 9.8 CRITICAL
Network 		adrianmercurio gym_management_system An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable. CWE-89
SQL Injection 		CVE-2020-29288 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
210376 9.8 CRITICAL
Network 		car_rental_management_system_project car_rental_management_system An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php. CWE-89
SQL Injection 		CVE-2020-29287 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
210377 9.8 CRITICAL
Network 		point_of_sales_in_php\/pdo_project point_of_sales_in_php\/pdo SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php. CWE-89
SQL Injection 		CVE-2020-29285 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
210378 9.8 CRITICAL
Network 		multi_restaurant_table_reservation_system_project multi_restaurant_table_reservation_system The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can s… CWE-89
SQL Injection 		CVE-2020-29284 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
210379 9.8 CRITICAL
Network 		online_doctor_appointment_booking_system_php_and_mysql_project online_doctor_appointment_booking_system_php_and_mysql An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php. CWE-89
SQL Injection 		CVE-2020-29283 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm
210380 9.8 CRITICAL
Network 		bloodx_project bloodx SQL injection vulnerability in BloodX 1.0 allows attackers to bypass authentication. CWE-89
SQL Injection 		CVE-2020-29282 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm