Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250751 7.5 危険 Joe Pieruccini - MCLogin System の login/login_index.php におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5000 2011-12-9 14:17 2011-11-2 Show GitHub Exploit DB Packet Storm
250752 7.5 危険 2daybiz - 2daybiz Polls Script の searchvote.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5004 2011-12-9 14:16 2011-11-2 Show GitHub Exploit DB Packet Storm
250753 4.3 警告 Rayzz - Rayzz Photoz の members/profileCommentsResponse.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5005 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
250754 7.5 危険 Emophp Programming - EMO Realty Manager の googlemap/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5006 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
250755 4.3 警告 ut-files - UTStats の pages/match_report.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5007 2011-12-9 14:14 2011-11-2 Show GitHub Exploit DB Packet Storm
250756 7.5 危険 Denali - BrightSuite Groupware における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5008 2011-12-9 14:13 2011-11-2 Show GitHub Exploit DB Packet Storm
250757 7.5 危険 ut-files - UTStats の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5009 2011-12-9 14:12 2011-11-2 Show GitHub Exploit DB Packet Storm
250758 4.3 警告 FullSite Pty Ltd - SchoolMation におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5010 2011-12-9 14:10 2011-11-2 Show GitHub Exploit DB Packet Storm
250759 7.5 危険 FullSite Pty Ltd - SchoolMation における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5011 2011-12-9 14:10 2011-11-2 Show GitHub Exploit DB Packet Storm
250760 7.5 危険 David Noguera Gutierrez - DaLogin における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5012 2011-12-9 14:09 2011-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210061 7.2 HIGH
Network 		ozeki ozeki_ng_sms_gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. By leveraging a path traversal vulnerability in the Autoreply module's Script Name, an attacker may write to or overwrite arbitrary fil… CWE-22
Path Traversal 		CVE-2020-14028 2024-11-21 14:02 2020-09-23 Show GitHub Exploit DB Packet Storm
210062 5.3 MEDIUM
Network 		ozeki ozeki_ng_sms_gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLE_LOCAL_INFILE, that can be leveraged by attackers to enab… CWE-88
Argument Injection 		CVE-2020-14027 2024-11-21 14:02 2020-09-23 Show GitHub Exploit DB Packet Storm
210063 8.8 HIGH
Network 		ozeki ozeki_ng_sms_gateway CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2020-14026 2024-11-21 14:02 2020-09-23 Show GitHub Exploit DB Packet Storm
210064 8.8 HIGH
Network 		ozeki ozeki_ng_sms_gateway Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as installing new modules o… CWE-352
 Origin Validation Error 		CVE-2020-14025 2024-11-21 14:02 2020-09-23 Show GitHub Exploit DB Packet Storm
210065 6.1 MEDIUM
Network 		ozeki ozeki_ng_sms_gateway Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field i… CWE-79
Cross-site Scripting 		CVE-2020-14024 2024-11-21 14:02 2020-09-23 Show GitHub Exploit DB Packet Storm
210066 4.9 MEDIUM
Network 		ozeki ozeki_ng_sms_gateway Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2020-14023 2024-11-21 14:02 2020-09-23 Show GitHub Exploit DB Packet Storm
210067 8.8 HIGH
Network 		ozeki ozeki_ng_sms_gateway Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. It is possible to upload an executable or .bat … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-14022 2024-11-21 14:02 2020-09-23 Show GitHub Exploit DB Packet Storm
210068 4.3 MEDIUM
Network 		atlassian jira_service_desk Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Informa… NVD-CWE-noinfo
CVE-2020-14180 2024-11-21 14:02 2020-09-21 Show GitHub Exploit DB Packet Storm
210069 5.3 MEDIUM
Network 		atlassian jira_server
jira_data_center 		Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /… NVD-CWE-noinfo
CVE-2020-14179 2024-11-21 14:02 2020-09-21 Show GitHub Exploit DB Packet Storm
210070 6.5 MEDIUM
Network 		atlassian jira_server Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searc… NVD-CWE-noinfo
CVE-2020-14177 2024-11-21 14:02 2020-09-21 Show GitHub Exploit DB Packet Storm