Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193151 7.5 重要
Network 		Mobile App Native project - WordPress 用 Mobile App Native プラグインにおけるリモートでファイルをアップロードされる脆弱性 CWE-254
セキュリティ機能 		CVE-2017-6104 2017-03-8 14:30 2017-02-27 Show GitHub Exploit DB Packet Storm
193152 6.1 警告
Network 		AnyVar project - WordPress 用 AnyVar プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6103 2017-03-8 14:30 2017-02-21 Show GitHub Exploit DB Packet Storm
193153 6.1 警告
Network 		Blair Jordan - WordPress 用 Rockhoist Badges プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6102 2017-03-8 14:30 2017-02-20 Show GitHub Exploit DB Packet Storm
193154 7.8 重要
Local 		IBM - IBM AIX における root 権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-8972 2017-03-8 14:20 2016-12-15 Show GitHub Exploit DB Packet Storm
193155 5.5 警告
Local 		IBM - IBM AIX におけるシステムクラッシュを引き起こされる脆弱性 CWE-20
不適切な入力確認 		CVE-2016-8944 2017-03-8 14:20 2016-10-25 Show GitHub Exploit DB Packet Storm
193156 9.1 緊急
Network 		IBM - IBM Integration Bus および WebSphere Message Broker の SOAP フローにおけるサービス運用妨害 (DoS) の脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2016-9706 2017-03-8 14:19 2016-12-1 Show GitHub Exploit DB Packet Storm
193157 6.1 警告
Network 		IBM - IBM WebSphere Message Broker におけるクリックアクションをハイジャックされる脆弱性 CWE-254
セキュリティ機能 		CVE-2016-9010 2017-03-8 14:19 2016-10-25 Show GitHub Exploit DB Packet Storm
193158 9.8 緊急
Network 		IBM - IBM System Storage TS3100/TS3200 テープライブラリにおけるユーザのパスワードを変更される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-9005 2017-03-8 14:19 2016-10-25 Show GitHub Exploit DB Packet Storm
193159 5.4 警告
Network 		IBM - IBM Jazz Foundation におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-8968 2017-03-8 14:19 2016-10-25 Show GitHub Exploit DB Packet Storm
193160 5.3 警告
Local 		IBM - IBM Cognos Disclosure Management における低い権限で任意のコマンドを実行される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-6077 2017-03-8 14:19 2016-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293741 - webcamxp webcamxp Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI. CWE-22
Path Traversal 		CVE-2008-5862 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
293742 - v-gn userlocator SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the y parameter in a get_user ac… CWE-89
SQL Injection 		CVE-2008-5863 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
293743 - joomlahbs com_tophotelmodule
hotel_booking_reservation_system 		SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL co… CWE-89
SQL Injection 		CVE-2008-5864 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
293744 - joomlahbs hotel_booking_reservation_system SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_… CWE-89
SQL Injection 		CVE-2008-5865 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
293745 - intellitamper intellitamper Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-5868 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
293746 - yerba yerba Yerba SACphp 6.3 and earlier allows remote attackers to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5873 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
293747 - joomlahbs com_5starhotels
com_allhotels
hotel_booking_reservation_system 		Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetail… CWE-89
SQL Injection 		CVE-2008-5874 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
293748 - joomlahbs com_lowcosthotels
hotel_booking_reservation_system 		SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id param… CWE-89
SQL Injection 		CVE-2008-5875 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
293749 - phpclanwebsite phpclanwebsite Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (… CWE-89
SQL Injection 		CVE-2008-5877 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
293750 - phpclanwebsite phpclanwebsite Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to in… CWE-22
Path Traversal 		CVE-2008-5878 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm