Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200511 8.8 重要
Network 		WordPress.org - WordPress のウィジェット編集のアクセシビリティモード機能におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-5492 2017-01-26 10:13 2017-01-11 Show GitHub Exploit DB Packet Storm
200512 5.3 警告
Network 		WordPress.org - WordPress の wp-mail.php における投稿の制限を回避される脆弱性 CWE-254
セキュリティ機能 		CVE-2017-5491 2017-01-26 10:13 2017-01-11 Show GitHub Exploit DB Packet Storm
200513 6.1 警告
Network 		WordPress.org - WordPress の wp-includes/class-wp-theme.php のテーマ名のフォールバック機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5490 2017-01-26 10:13 2017-01-11 Show GitHub Exploit DB Packet Storm
200514 8.8 重要
Network 		WordPress.org - WordPress におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-5489 2017-01-26 10:13 2017-01-11 Show GitHub Exploit DB Packet Storm
200515 6.1 警告
Network 		WordPress.org - WordPress の wp-admin/update-core.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5488 2017-01-26 10:13 2017-01-11 Show GitHub Exploit DB Packet Storm
200516 5.3 警告
Network 		WordPress.org - WordPress の REST API の実装における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2017-5487 2017-01-26 10:13 2017-01-11 Show GitHub Exploit DB Packet Storm
200517 9.8 緊急
Network 		MetalGenix - GeniXCMS の Posts.class.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-5519 2017-01-26 09:57 2017-01-14 Show GitHub Exploit DB Packet Storm
200518 9.8 緊急
Network 		MetalGenix - GeniXCMS の author.control.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-5517 2017-01-26 09:57 2017-01-14 Show GitHub Exploit DB Packet Storm
200519 6.1 警告
Network 		MetalGenix - GeniXCMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5516 2017-01-26 09:57 2017-01-13 Show GitHub Exploit DB Packet Storm
200520 5.4 警告
Network 		MetalGenix - GeniXCMS の user prompt 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5515 2017-01-26 09:57 2017-01-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345791 - eject eject eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensi… NVD-CWE-Other
CVE-2003-1399 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345792 - francisco_burzi php-nuke Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter. CWE-79
Cross-site Scripting 		CVE-2003-1400 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345793 - php_board php_board login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via … CWE-255
Credentials Management 		CVE-2003-1401 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345794 - kietu kietu PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to execute arbitrary PHP code via the url_hit parameter, a different vulnerability than CVE-2006-5015. CWE-20
 Improper Input Validation  		CVE-2003-1402 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345795 - dotbr botbr foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. CWE-20
 Improper Input Validation  		CVE-2003-1403 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345796 - dotbr botbr DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. CWE-200
Information Exposure 		CVE-2003-1404 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345797 - dotbr botbr DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. CWE-20
 Improper Input Validation  		CVE-2003-1405 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345798 - adalis_infomatique d_forum PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer par… CWE-94
Code Injection 		CVE-2003-1406 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345799 - microsoft windows_nt Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2003-1407 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345800 - lotus domino_server Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. CWE-200
Information Exposure 		CVE-2003-1408 2017-07-29 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm