Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202851	6.1	警告 Network	MyBB Group	-	MyBB および Merge System の Admin コントロールパネルの Users モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-9421	2017-02-13 15:32	2016-10-17	Show	GitHub Exploit DB Packet Storm

202852	9.8	緊急 Network	MyBB Group	-	MyBB および Merge System における脆弱性	CWE-20 不適切な入力確認	CVE-2016-9420	2017-02-13 15:32	2016-10-17	Show	GitHub Exploit DB Packet Storm

202853	6.1	警告 Network	MyBB Group	-	MyBB および Merge System の Admin コントロールパネルにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-9419	2017-02-13 15:32	2016-10-17	Show	GitHub Exploit DB Packet Storm

202854	7.5	重要 Network	MyBB Group	-	Windows 上で稼動する MyBB および Merge System における ACP バックアップから重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-9418	2017-02-13 15:32	2016-10-17	Show	GitHub Exploit DB Packet Storm

202855	7.4	重要 Network	MyBB Group	-	MyBB および Merge System の fetch_remote_file 関数におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2016-9417	2017-02-13 15:32	2016-10-17	Show	GitHub Exploit DB Packet Storm

202856	9.8	緊急 Network	MyBB Group	-	MyBB および Merge System のユーザデータハンドラにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2016-9416	2017-02-13 15:32	2016-10-17	Show	GitHub Exploit DB Packet Storm

202857	7.5	重要 Network	MyBB Group	-	Windows 上で稼動する MyBB および Merge System における任意の CSS ファイルを上書きされる脆弱性	CWE-284 不適切なアクセス制御	CVE-2016-9415	2017-02-13 15:32	2016-10-17	Show	GitHub Exploit DB Packet Storm

202858	7.5	重要 Network	MyBB Group	-	MyBB および Merge System における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-9414	2017-02-13 15:32	2016-03-11	Show	GitHub Exploit DB Packet Storm

202859	6.5	警告 Network	MyBB Group	-	MyBB および Merge System の Admin コントロールパネルにおけるクリックジャッキング攻撃を実行される脆弱性	CWE-284 不適切なアクセス制御	CVE-2016-9413	2017-02-13 15:32	2016-03-11	Show	GitHub Exploit DB Packet Storm

202860	9.8	緊急 Network	MyBB Group	-	MyBB および Merge System における脆弱性	CWE-284 不適切なアクセス制御	CVE-2016-9412	2017-02-13 15:32	2016-03-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
357351	-	techno_dreams	techno_dreams_guest_book	Cross-site scripting (XSS) vulnerability in Techno Dreams Guest Book allows remote attackers to inject arbitrary web script or HTML via certain comment fields in the "Sign Our GuestBook" page, probab…	NVD-CWE-Other	CVE-2006-2837	2011-03-8 11:37	2006-06-7	Show	GitHub Exploit DB Packet Storm

357352	-	particle_soft	particle_gallery	SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the imageid parameter.	NVD-CWE-Other	CVE-2006-2862	2011-03-8 11:37	2006-06-7	Show	GitHub Exploit DB Packet Storm

357353	-	deltascripts	php_pro_publish	Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this info…	NVD-CWE-Other	CVE-2006-2876	2011-03-8 11:37	2006-06-7	Show	GitHub Exploit DB Packet Storm

357354	-	qbik	wingate	Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of othe…	NVD-CWE-Other	CVE-2006-2917	2011-03-8 11:37	2006-07-11	Show	GitHub Exploit DB Packet Storm

357355	-	dmx_forum	dmx_forum	Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information.	NVD-CWE-Other	CVE-2006-2946	2011-03-8 11:37	2006-06-13	Show	GitHub Exploit DB Packet Storm

357356	-	skoom	i.list	Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) searchword parameter to search.php or (2) …	NVD-CWE-Other	CVE-2006-2956	2011-03-8 11:37	2006-06-13	Show	GitHub Exploit DB Packet Storm

357357	-	enterprise_payroll_systems	enterprise_payroll_systems	PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter…	NVD-CWE-Other	CVE-2006-2983	2011-03-8 11:37	2006-06-13	Show	GitHub Exploit DB Packet Storm

357358	-	myscrapbook	myscrapbook	Multiple cross-site scripting (XSS) vulnerabilities in addwords.php in MyScrapbook 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) comment param…	NVD-CWE-Other	CVE-2006-3035	2011-03-8 11:37	2006-06-15	Show	GitHub Exploit DB Packet Storm

357359	-	subtext	subtext	Unspecified vulnerability in the admin login feature in Subtext 1.5, in a multiblog setup, allows remote administrators of one blog to login to another blog.	NVD-CWE-Other	CVE-2006-3046	2011-03-8 11:37	2006-06-16	Show	GitHub Exploit DB Packet Storm

357360	-	cescripts	event_registration_2checkout event_registration_corporate event_registration_paypal event_registration_rsvp	Cross-site scripting (XSS) vulnerability in Event Registration allows remote attackers to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_ev…	NVD-CWE-Other	CVE-2006-3052	2011-03-8 11:37	2006-06-16	Show	GitHub Exploit DB Packet Storm