Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252961	7.5	危険	ELITE　LADDAERS	-	Elite Gaming Ladders における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5017	2011-12-9 13:59	2011-11-2	Show	GitHub Exploit DB Packet Storm

252962	4.3	警告	2daybiz	-	2daybiz Online Classified Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5018	2011-12-9 13:59	2011-11-2	Show	GitHub Exploit DB Packet Storm

252963	7.5	危険	2daybiz	-	2daybiz Online Classified Script における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5019	2011-12-9 13:58	2011-11-2	Show	GitHub Exploit DB Packet Storm

252964	7.5	危険	NetArt Media	-	NetArt Media iBoutique における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5020	2011-12-9 13:56	2011-11-2	Show	GitHub Exploit DB Packet Storm

252965	7.5	危険	Cramer Development	-	Digital Interchange Document Library における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5021	2011-12-9 13:56	2011-11-2	Show	GitHub Exploit DB Packet Storm

252966	7.5	危険	Jextensions	-	Joomla! 用 JExtensions JE Story Submit コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5022	2011-12-9 13:55	2011-11-2	Show	GitHub Exploit DB Packet Storm

252967	7.5	危険	Cramer Development	-	Digital Interchange Calendar における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5023	2011-12-9 13:54	2011-11-2	Show	GitHub Exploit DB Packet Storm

252968	6	警告	CuteSITE	-	CuteSITE CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5024	2011-12-9 13:54	2011-11-2	Show	GitHub Exploit DB Packet Storm

252969	4.3	警告	CuteSITE	-	CuteSITE CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5025	2011-12-9 13:50	2011-11-2	Show	GitHub Exploit DB Packet Storm

252970	6.8	警告	Lightbox Technologies Inc.	-	Science Fair In A Box における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5026	2011-12-9 13:50	2011-11-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
202431	4.8	MEDIUM Network	codologic	codoforum	Codoforum 4.8.3 allows XSS in the admin dashboard via a category to the Manage Users screen.	CWE-79 Cross-site Scripting	CVE-2020-5843	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

202432	8.8	HIGH Network	ahsay	cloud_backup_suite	An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.3.0.30 via a "PUT /obs/obm7/file/upload" request with the base64-encoded pathname in the X-RSW-custom-enc…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-5846	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

202433	6.8	MEDIUM Network	gilacms	gila_cms	Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal.	CWE-22 Path Traversal	CVE-2020-5513	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

202434	6.8	MEDIUM Network	gilacms	gila_cms	Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal.	CWE-22 Path Traversal	CVE-2020-5512	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

202435	7.2	HIGH Network	gilacms	gila_cms	Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection.	CWE-89 SQL Injection	CVE-2020-5515	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

202436	9.1	CRITICAL Network	gilacms	gila_cms	Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-5514	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

202437	7.5	HIGH Network	hashbrowncms	hashbrown_cms	An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/Resource/Connection.js allows an attacker to reach a parent directory via a crafted name or ID field.	CWE-22 Path Traversal	CVE-2020-5840	2024-11-21 14:34	2020-01-7	Show	GitHub Exploit DB Packet Storm

202438	9.8	CRITICAL Network	litespeedtech	openlitespeed	The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.	CWE-20 Improper Input Validation	CVE-2020-5519	2024-11-21 14:34	2020-01-6	Show	GitHub Exploit DB Packet Storm

202439	9.8	CRITICAL Network	apache	rust_sgx_sdk	Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same.	NVD-CWE-noinfo	CVE-2020-5499	2024-11-21 14:34	2020-01-4	Show	GitHub Exploit DB Packet Storm

202440	6.1	MEDIUM Network	mitreid	connect	The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being included in the page unsanitized. This is related to header.tag. The issue can be ex…	CWE-79 Cross-site Scripting	CVE-2020-5497	2024-11-21 14:34	2020-01-4	Show	GitHub Exploit DB Packet Storm