Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
211511	4.3	警告	CBI Referral Manager	-	WordPress 用 CBI Referral Manager プラグインの getNetworkSites.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4517	2014-10-27 18:55	2014-04-25	Show	GitHub Exploit DB Packet Storm

211512	4.3	警告	waisir	-	WordPress 用 Alipay プラグインの includes/api_tenpay/inc.tenpay_notify.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4514	2014-10-27 18:54	2014-01-28	Show	GitHub Exploit DB Packet Storm

211513	6.5	警告	GB Plugins	-	WordPress 用 GB Gallery Slideshow プラグインの GBgallery.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-8375	2014-10-27 18:54	2014-08-9	Show	GitHub Exploit DB Packet Storm

211514	7.5	危険	シトリックス・システムズ	-	Citrix NetScaler Application Delivery Controller および NetScaler Gateway の管理インターフェースにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2014-7140	2014-10-27 18:53	2014-09-17	Show	GitHub Exploit DB Packet Storm

211515	4.3	警告	dotProject	-	dotProject におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5702	2014-10-27 18:53	2012-11-15	Show	GitHub Exploit DB Packet Storm

211516	5	警告	Banana Dance	-	Banana Dance の functions/suggest.php における任意のデータベースの情報を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5243	2014-10-27 18:53	2012-12-19	Show	GitHub Exploit DB Packet Storm

211517	6.8	警告	Banana Dance	-	Banana Dance の functions/suggest.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-5242	2014-10-27 18:52	2012-12-19	Show	GitHub Exploit DB Packet Storm

211518	7.5	危険	OS4Ed	-	openSIS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-8366	2014-10-27 18:52	2014-06-26	Show	GitHub Exploit DB Packet Storm

211519	4.3	警告	Xornic	-	Xornic Contact Us におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8365	2014-10-27 18:51	2014-06-8	Show	GitHub Exploit DB Packet Storm

211520	4.3	警告	Joomla!	-	Joomla! 用 JChatSocial コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3863	2014-10-27 18:14	2014-07-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
284821	-	mozilla	firefox seamonkey	Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via …	NVD-CWE-noinfo	CVE-2007-5959	2018-10-16 06:47	2007-11-27	Show	GitHub Exploit DB Packet Storm

284822	-	mozilla	firefox	ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers to cause a denial of service (application crash) via a crafted reply to an unspecified listing command, related to "reading from …	CWE-20 Improper Input Validation	CVE-2007-5691	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm

284823	-	sitebar	sitebar	Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token paramete…	CWE-79 Cross-site Scripting	CVE-2007-5692	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm

284824	-	sitebar	sitebar	Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a…	CWE-94 Code Injection	CVE-2007-5693	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm

284825	-	sitebar	sitebar	Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, …	CWE-22 Path Traversal	CVE-2007-5694	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm

284826	-	sitebar	sitebar	Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via a URL in the forward parameter in a Log In action.	CWE-59 Link Following	CVE-2007-5695	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm

284827	-	phpbasic	phpbasic	PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module.	CWE-94 Code Injection	CVE-2007-5696	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm

284828	-	novell	opensuse_swamp	Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to i…	CWE-79 Cross-site Scripting	CVE-2007-5702	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm

284829	-	rsa	keon_registration_authority_web_interface	Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk.xuda and (2) Add-msie-request.xuda in RSA KEON Registration Authority Web Interface 1.0 allow remote attackers to inject arbitra…	CWE-79 Cross-site Scripting	CVE-2007-5703	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm

284830	-	codewidgets	online_event_registration_template	Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields…	CWE-89 SQL Injection	CVE-2007-5704	2018-10-16 06:46	2007-10-30	Show	GitHub Exploit DB Packet Storm