Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
205811	7.3	重要 Network	Prepopulate project	-	Drupal 用 Prepopulate モジュールの _prepopulate_request_walk 関数における特定のフィールドの型を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3188	2016-04-18 17:56	2016-03-2	Show	GitHub Exploit DB Packet Storm

205812	7.3	重要 Network	Prepopulate project	-	Drupal 用 Prepopulate モジュールにおける REQUEST スーパーグローバル変数の配列を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3187	2016-04-18 17:56	2016-03-2	Show	GitHub Exploit DB Packet Storm

205813	7.5	重要 Network	Apache Software Foundation	-	Apache Jetspeed の User Manager サービスにおけるユーザを追加される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-2171	2016-04-18 17:37	2016-03-28	Show	GitHub Exploit DB Packet Storm

205814	9.8	緊急 Network	Apache Software Foundation	-	Apache OFBiz における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2016-2170	2016-04-18 17:37	2016-04-5	Show	GitHub Exploit DB Packet Storm

205815	6.5	警告 Network	Apache Software Foundation	-	Apache Qpid Proton の複数のクラスにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-2166	2016-04-18 17:37	2016-03-9	Show	GitHub Exploit DB Packet Storm

205816	7.5	重要 Network	Apache Software Foundation	-	Apache OpenMeetings の FileService.importFileByInternalUserId および FileService.importFile SOAP API メソッドにおける任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2016-2164	2016-04-18 17:37	2016-03-25	Show	GitHub Exploit DB Packet Storm

205817	6.1	警告 Network	Apache Software Foundation	-	Apache OpenMeetings におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-2163	2016-04-18 17:37	2016-03-25	Show	GitHub Exploit DB Packet Storm

205818	6.1	警告 Network	Apache Software Foundation	-	Apache Struts におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-2162	2016-04-18 17:36	2016-03-15	Show	GitHub Exploit DB Packet Storm

205819	8.8	重要 Network	Apache Software Foundation	-	Apache Struts における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2016-0785	2016-04-18 17:36	2016-03-15	Show	GitHub Exploit DB Packet Storm

205820	6.5	警告 Network	Apache Software Foundation	-	Apache OpenMeetings の Import/Export System Backups 機能におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-0784	2016-04-18 17:36	2016-03-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349711	-	francisco_burzi	php-nuke	Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or…	NVD-CWE-Other	CVE-2003-1210	2017-07-11 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

349712	-	-	-	Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter.	NVD-CWE-Other	CVE-2003-1211	2017-07-11 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

349713	-	-	-	MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page.	NVD-CWE-Other	CVE-2003-1212	2017-07-11 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

349714	-	maxwebportal	maxwebportal	The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a …	NVD-CWE-Other	CVE-2003-1213	2017-07-11 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

349715	-	visualshapers	ezcontents	Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions.	NVD-CWE-Other	CVE-2003-1214	2017-07-11 10:29	2004-02-11	Show	GitHub Exploit DB Packet Storm

349716	-	phpbb_group	phpbb	SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter.	NVD-CWE-Other	CVE-2003-1215	2017-07-11 10:29	2003-12-29	Show	GitHub Exploit DB Packet Storm

349717	-	phpbb_group	phpbb	SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter.	NVD-CWE-Other	CVE-2003-1216	2017-07-11 10:29	2003-11-27	Show	GitHub Exploit DB Packet Storm

349718	-	gallery_project	gallery	PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a UR…	CWE-94 Code Injection	CVE-2003-1227	2017-07-11 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

349719	-	-	-	The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct b…	NVD-CWE-Other	CVE-2003-1230	2017-07-11 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

349720	-	ecw-shop	ecw-shop	Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 5.5 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.	NVD-CWE-Other	CVE-2003-1231	2017-07-11 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm