Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1271 5.4 警告
Network 		HasThemes ht politic HasThemesのWordPress用ht politicにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-51673 2026-01-28 12:38 2024-11-9 Show GitHub Exploit DB Packet Storm
1272 7.2 重要
Network 		Openfind Mail2000 OpenfindのMail2000におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-5399 2026-01-28 12:38 2024-05-27 Show GitHub Exploit DB Packet Storm
1273 8.8 重要
Network 		Openfind Mail2000 OpenfindのMail2000におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-5400 2026-01-28 12:38 2024-05-27 Show GitHub Exploit DB Packet Storm
1274 6.1 警告
Network 		Backdrop backdrop Backdropのbackdropにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-54123 2026-01-28 12:38 2024-11-29 Show GitHub Exploit DB Packet Storm
1275 4.8 警告
Network 		Centreon Centreon Web CentreonのCentreon Webにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-10023 2026-01-28 12:38 2025-10-27 Show GitHub Exploit DB Packet Storm
1276 4.8 警告
Network 		Centreon Centreon Web CentreonのCentreon Webにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-12513 2026-01-28 12:38 2026-01-5 Show GitHub Exploit DB Packet Storm
1277 5.3 警告
Network 		Centreon Centreon Web CentreonのCentreon Webにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2025-12519 2026-01-28 12:38 2026-01-5 Show GitHub Exploit DB Packet Storm
1278 4.8 警告
Network 		Centreon Centreon Web CentreonのCentreon Webにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-13056 2026-01-28 12:38 2026-01-5 Show GitHub Exploit DB Packet Storm
1279 6.5 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2025-13335 2026-01-28 12:38 2026-01-22 Show GitHub Exploit DB Packet Storm
1280 7.5 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2025-13927 2026-01-28 12:38 2026-01-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283001 - chipmunk_scripts chipmunk_directory Cross-site scripting (XSS) vulnerability in directory/index.php in Chipmunk directory allows remote attackers to inject arbitrary web script or HTML via the start parameter. NVD-CWE-Other
CVE-2006-7042 2018-10-17 01:29 2007-02-24 Show GitHub Exploit DB Packet Storm
283002 - shoutpro shoutpro include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ban restrictions via a URL in the path parameter that points to an alternate bannedips.php file. NOTE: this issue was originally… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2006-7047 2018-10-17 01:29 2007-02-24 Show GitHub Exploit DB Packet Storm
283003 - sweetphp totalcalendar PHP remote file inclusion vulnerability in index.php in TotalCalendar 2.30 and earlier allows remote attackers to execute arbitrary code via a URL in the inc_dir parameter, a different vector than CV… NVD-CWE-Other
CVE-2006-7055 2018-10-17 01:29 2007-02-24 Show GitHub Exploit DB Packet Storm
283004 - dreamcost hostadmin Multiple PHP remote file inclusion vulnerabilities in DreamCost HostAdmin 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) functions.php and… NVD-CWE-Other
CVE-2006-7056 2018-10-17 01:29 2007-02-24 Show GitHub Exploit DB Packet Storm
283005 - oracle database_server Oracle 10g R2 and possibly other versions allows remote attackers to trigger internal errors, and possibly have other impacts, via an "alter session set events" command with invalid arguments. NOTE:… NVD-CWE-Other
CVE-2006-7067 2018-10-17 01:29 2007-03-3 Show GitHub Exploit DB Packet Storm
283006 - etomite etomite Unrestricted file upload vulnerability in manager/media/ibrowser/scripts/rfiles.php in Etomite CMS 0.6.1 and earlier allows remote attackers to upload and execute arbitrary files via an nfile[] param… CWE-20
 Improper Input Validation  		CVE-2006-7070 2018-10-17 01:29 2007-03-3 Show GitHub Exploit DB Packet Storm
283007 - geodesicsolutions geoclassifieds_enterprise Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise 2.0.5.2 and earlier allows remote attackers to inject arbitrary web script and HTML via the (1) b[username] and (2) c parameters … NVD-CWE-Other
CVE-2006-7072 2018-10-17 01:29 2007-03-3 Show GitHub Exploit DB Packet Storm
283008 - professional_home_page_tools_login_script professional_home_page_tools_login_script Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script, as of July 2006, allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) … NVD-CWE-Other
CVE-2006-7078 2018-10-17 01:29 2007-03-3 Show GitHub Exploit DB Packet Storm
283009 - dotdeb dotdeb_php CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote attackers to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the… NVD-CWE-Other
CVE-2006-7087 2018-10-17 01:29 2007-03-3 Show GitHub Exploit DB Packet Storm
283010 - ftpd ftpd ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary direc… NVD-CWE-Other
CVE-2006-7094 2018-10-17 01:29 2007-03-3 Show GitHub Exploit DB Packet Storm