Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207511	2.6	注意	Migrate project	-	Drupal 用 Migrate モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-5514	2015-08-25 18:16	2015-07-1	Show	GitHub Exploit DB Packet Storm

207512	2.1	注意	National Information Infrastructure Development Institute	-	Drupal 用 Shibboleth authentication モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-5513	2015-08-25 18:16	2015-06-24	Show	GitHub Exploit DB Packet Storm

207513	5	警告	me aliases project	-	Drupal 用 me aliases モジュールにおける "me" ユーザ引数ハンドラを使用するビューにアクセスされる脆弱性	CWE-Other その他	CVE-2015-5512	2015-08-25 18:16	2015-06-24	Show	GitHub Exploit DB Packet Storm

207514	5	警告	HybridAuth Social Login project	-	Drupal 用 HybridAuth Social Login モジュールにおける管理者限定のユーザ登録を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-5511	2015-08-25 18:16	2015-06-24	Show	GitHub Exploit DB Packet Storm

207515	5.8	警告	Content Construction Kit project	-	Drupal 用 Content Construction Kit におけるオープンリダイレクトの脆弱性	CWE-Other その他	CVE-2015-5510	2015-08-25 18:16	2015-06-17	Show	GitHub Exploit DB Packet Storm

207516	6	警告	Administration Views project	-	Drupal 用 Administration Views モジュールにおける制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-5509	2015-08-25 18:16	2015-02-20	Show	GitHub Exploit DB Packet Storm

207517	5.1	警告	The eXtensible Catalog Drupal Toolkit project	-	Drupal 用 The eXtensible Catalog Drupal Toolkit の XC NCIP Provider モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-5508	2015-08-25 18:16	2015-06-17	Show	GitHub Exploit DB Packet Storm

207518	4.3	警告	Inline Entity Form project	-	Drupal 用 Inline Entity Form モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-5507	2015-08-25 18:16	2015-06-17	Show	GitHub Exploit DB Packet Storm

207519	5	警告	Apache Solr Real-Time project	-	Drupal 用 Apache Solr Real-Time モジュールにおける未公開のコンテンツに関する情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-5506	2015-08-25 18:16	2015-05-16	Show	GitHub Exploit DB Packet Storm

207520	6.8	警告	Coldfront Labs Inc.	-	Drupal 用 HTTP Strict Transport Security モジュールにおける脆弱性	CWE-Other その他	CVE-2015-5505	2015-08-25 18:16	2015-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347791	-	text-e	text-e_cms	Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.	NVD-CWE-Other	CVE-2005-4498	2008-09-20 13:43	2005-12-22	Show	GitHub Exploit DB Packet Storm

347792	-	waxtrapp	waxtrapp	Cross-site scripting (XSS) vulnerability in WAXTRAPP 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.	NVD-CWE-Other	CVE-2005-4512	2008-09-20 13:43	2005-12-23	Show	GitHub Exploit DB Packet Storm

347793	-	ooapp	ooapp_guestbook	Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestbook 2.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.	NVD-CWE-Other	CVE-2005-4598	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347794	-	phpoutsourcing	zorum	SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method.	NVD-CWE-Other	CVE-2005-4619	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347795	-	jelsoft	vbulletin	Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which th…	NVD-CWE-Other	CVE-2005-4621	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347796	-	help_desk_point_software	helpdeskpoint	SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.	NVD-CWE-Other	CVE-2005-4628	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347797	-	smbcms	smbcms	SQL injection vulnerability in SMBCMS 2.1 allows remote attackers to execute arbitrary SQL commands via unspecified search parameters.	NVD-CWE-Other	CVE-2005-4629	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347798	-	ryan_lath	zina	SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter.	NVD-CWE-Other	CVE-2005-4631	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347799	-	vote_pro	vote_pro	SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.	CWE-89 SQL Injection	CVE-2005-4632	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

347800	-	activecampaign	supporttrio	SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information …	NVD-CWE-Other	CVE-2005-4634	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm