Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203761	5.3	警告 Network	シマンテック	-	Symantec Endpoint Protection Manager における重要な情報を取得される脆弱性	CWE-200 CWE-Other	CVE-2016-5306	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203762	5.4	警告 Network	シマンテック	-	Symantec Endpoint Protection Manager の管理スクリプトにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5305	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203763	6.8	警告 Network	シマンテック	-	Symantec Endpoint Protection Manager のレポート転送コンポーネントにおけるオープンリダイレクトの脆弱性	CWE-Other その他	CVE-2016-5304	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203764	8	重要 Network	シマンテック	-	Symantec Endpoint Protection Manager の管理スクリプトにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2016-3653	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203765	5.4	警告 Network	シマンテック	-	Symantec Endpoint Protection Manager の管理スクリプトにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-3652	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203766	8	重要 Network	シマンテック	-	Symantec Endpoint Protection Manager における PHP JSESSIONID 値を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-3651	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203767	8.8	重要 Network	シマンテック	-	Symantec Endpoint Protection Manager における認証情報を取得される脆弱性	CWE-200 CWE-Other	CVE-2016-3650	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203768	4.3	警告 Network	シマンテック	-	Symantec Endpoint Protection Manager における管理者アカウントを列挙される脆弱性	CWE-200 情報漏えい	CVE-2016-3649	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203769	8.8	重要 Network	シマンテック	-	Symantec Endpoint Protection Manager における認証ロックの保護メカニズムを回避される脆弱性	CWE-200 CWE-Other	CVE-2016-3648	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

203770	7.7	重要 Network	シマンテック	-	Symantec Endpoint Protection Manager におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-Other その他	CVE-2016-3647	2016-07-5 12:19	2016-06-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
290581	-	wesley_destailleur	todoo_forum	Multiple SQL injection vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_post or (2) pg parameter.	CWE-89 SQL Injection	CVE-2013-3537	2024-11-21 10:53	2013-05-14	Show	GitHub Exploit DB Packet Storm

290582	-	whmcs	group_pay	SQL injection vulnerability in the gp_LoadUserFromHash function in functions_hash.php in the Group Pay module 1.5 and earlier for WHMCS allows remote attackers to execute arbitrary SQL commands via t…	CWE-89 SQL Injection	CVE-2013-3536	2024-11-21 10:53	2013-05-14	Show	GitHub Exploit DB Packet Storm

290583	-	themelogik	cmslogik	Multiple cross-site scripting (XSS) vulnerabilities in CMSLogik 1.2.0 and 1.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_email, (2) header_title, (3) site_title…	CWE-79 Cross-site Scripting	CVE-2013-3535	2024-11-21 10:53	2013-05-14	Show	GitHub Exploit DB Packet Storm

290584	-	algisinfo	aicontactsafe	Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2013-3534	2024-11-21 10:53	2013-05-14	Show	GitHub Exploit DB Packet Storm

290585	-	virtualaccess	virtual_access_monitor	Multiple SQL injection vulnerabilities in Virtual Access Monitor 3.10.17 and earlier allow attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2013-3533	2024-11-21 10:53	2013-05-11	Show	GitHub Exploit DB Packet Storm

290586	-	webdorado	spider_video_player	SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the theme parameter.	CWE-89 SQL Injection	CVE-2013-3532	2024-11-21 10:53	2013-05-11	Show	GitHub Exploit DB Packet Storm

290587	-	radiocms	radiocms	SQL injection vulnerability in meneger.php in RadioCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter.	CWE-89 SQL Injection	CVE-2013-3531	2024-11-21 10:53	2013-05-11	Show	GitHub Exploit DB Packet Storm

290588	-	fabricio_zuardi	xspf_player_plugin	SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter.	CWE-89 SQL Injection	CVE-2013-3530	2024-11-21 10:53	2013-05-11	Show	GitHub Exploit DB Packet Storm

290589	-	smartypantsplugins	wp-funeral-press	Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin before 1.1.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1…	CWE-79 Cross-site Scripting	CVE-2013-3529	2024-11-21 10:53	2013-05-11	Show	GitHub Exploit DB Packet Storm

290590	-	vanillaforums	vanilla	Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."	NVD-CWE-noinfo	CVE-2013-3528	2024-11-21 10:53	2013-05-11	Show	GitHub Exploit DB Packet Storm