Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250311	7.5	危険	ELITE　LADDAERS	-	Elite Gaming Ladders における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5016	2011-12-9 14:00	2011-11-2	Show	GitHub Exploit DB Packet Storm

250312	7.5	危険	ELITE　LADDAERS	-	Elite Gaming Ladders における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5017	2011-12-9 13:59	2011-11-2	Show	GitHub Exploit DB Packet Storm

250313	4.3	警告	2daybiz	-	2daybiz Online Classified Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5018	2011-12-9 13:59	2011-11-2	Show	GitHub Exploit DB Packet Storm

250314	7.5	危険	2daybiz	-	2daybiz Online Classified Script における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5019	2011-12-9 13:58	2011-11-2	Show	GitHub Exploit DB Packet Storm

250315	7.5	危険	NetArt Media	-	NetArt Media iBoutique における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5020	2011-12-9 13:56	2011-11-2	Show	GitHub Exploit DB Packet Storm

250316	7.5	危険	Cramer Development	-	Digital Interchange Document Library における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5021	2011-12-9 13:56	2011-11-2	Show	GitHub Exploit DB Packet Storm

250317	7.5	危険	Jextensions	-	Joomla! 用 JExtensions JE Story Submit コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5022	2011-12-9 13:55	2011-11-2	Show	GitHub Exploit DB Packet Storm

250318	7.5	危険	Cramer Development	-	Digital Interchange Calendar における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5023	2011-12-9 13:54	2011-11-2	Show	GitHub Exploit DB Packet Storm

250319	6	警告	CuteSITE	-	CuteSITE CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5024	2011-12-9 13:54	2011-11-2	Show	GitHub Exploit DB Packet Storm

250320	4.3	警告	CuteSITE	-	CuteSITE CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5025	2011-12-9 13:50	2011-11-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197151	8.8	HIGH Network	os4ed	opensis	SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The byear parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker c…	CWE-89 SQL Injection	CVE-2020-6119	2024-11-21 14:35	2020-09-1	Show	GitHub Exploit DB Packet Storm

197152	8.8	HIGH Network	os4ed	opensis	SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bmonth parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker …	CWE-89 SQL Injection	CVE-2020-6118	2024-11-21 14:35	2020-09-1	Show	GitHub Exploit DB Packet Storm

197153	8.8	HIGH Network	os4ed	opensis	SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bday parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker ca…	CWE-89 SQL Injection	CVE-2020-6117	2024-11-21 14:35	2020-09-1	Show	GitHub Exploit DB Packet Storm

197154	4.3	MEDIUM Network	sap	abap_platform netweaver_application_server_abap	Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP u…	NVD-CWE-noinfo	CVE-2020-6310	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197155	7.5	HIGH Network	sap	netweaver_application_server_java	SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the atta…	CWE-306 Missing Authentication for Critical Function	CVE-2020-6309	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197156	8.1	HIGH Network	sap	hcm_travel_management	SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of priv…	CWE-862 Missing Authorization	CVE-2020-6301	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197157	4.8	MEDIUM Network	sap	businessobjects_business_intelligence_platform	SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code t…	CWE-79 Cross-site Scripting	CVE-2020-6300	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197158	4.3	MEDIUM Network	sap	abap_platform netweaver_application_server_abap	SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Inform…	NVD-CWE-noinfo	CVE-2020-6299	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197159	8.1	HIGH Network	sap	generic_market_data	SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure val…	CWE-862 Missing Authorization	CVE-2020-6298	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197160	4.4	MEDIUM Local	sap	data_intelligence	Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version - 3.0, allows an attacker to access confidential system configuration information, that should otherwise be …	NVD-CWE-noinfo	CVE-2020-6297	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm