Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
214541 4.3 警告 Ushahidi - Ushahidi Platform におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2025 2014-04-28 17:51 2013-05-1 Show GitHub Exploit DB Packet Storm
214542 3.5 注意 Episerver - Ektron CMS の content.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2729 2014-04-28 17:42 2014-04-16 Show GitHub Exploit DB Packet Storm
214543 9.3 危険 Power Software - Power Software の WinArchiver におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-5660 2014-04-28 17:13 2013-04-29 Show GitHub Exploit DB Packet Storm
214544 4.3 警告 JoomlaBoat.com - Joomla! 用 YouTube Gallery コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5956 2014-04-28 16:17 2013-09-27 Show GitHub Exploit DB Packet Storm
214545 6.8 警告 OpenX - OpenX におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-5954 2014-04-28 16:04 2013-09-27 Show GitHub Exploit DB Packet Storm
214546 4.3 警告 Moxiecode Systems AB - TinyMCE の bbcode プラグインにおけるクロスサイトスクリプティング攻撃を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4230 2014-04-28 15:49 2012-08-9 Show GitHub Exploit DB Packet Storm
214547 9.3 危険 3S-Smart Software Solutions
SoftMotion3D
Festo		 - Festo Modular controllers CECX-X-C1 および CECX-X-M1 における設定を変更される脆弱性 CWE-287
不適切な認証 		CVE-2014-0769 2014-04-28 15:40 2014-04-24 Show GitHub Exploit DB Packet Storm
214548 9.3 危険 3S-Smart Software Solutions
SoftMotion3D
Festo		 - Festo Modular controllers CECX-X-C1 および CECX-X-M1 における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2014-0760 2014-04-28 15:40 2014-04-24 Show GitHub Exploit DB Packet Storm
214549 4.3 警告 Open-Xchange - Open-Xchange AppSuite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2393 2014-04-28 15:07 2014-04-8 Show GitHub Exploit DB Packet Storm
214550 4.3 警告 Open-Xchange - Open-Xchange AppSuite の電子メール自動設定機能における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-2392 2014-04-28 15:06 2014-04-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
289631 - boesch_it-consulting progsys PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter. CWE-94
Code Injection 		CVE-2006-4944 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289632 - cardway digitalwebshop Multiple PHP remote file inclusion vulnerabilities in Cardway (aka Frederic Boudaud) DigitalWebShop 1.128 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _PHPLIB[lib… NVD-CWE-Other
CVE-2006-4945 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289633 - cmsdevelopment business_card_web_builder PHP remote file inclusion vulnerability in include/startup.inc.php in CMSDevelopment Business Card Web Builder (BCWB) 0.99, and possibly 2.5 Beta and earlier, allows remote attackers to execute arbit… NVD-CWE-Other
CVE-2006-4946 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289634 - cmsdevelopment business_card_web_builder Successful exploitation requires that "register_globals" is enabled. NVD-CWE-Other
CVE-2006-4946 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289635 - the_myreview_system myreview SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to execute arbitrary SQL commands via the email parameter to Admin.php. NVD-CWE-Other
CVE-2006-4957 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289636 - blue_dragon php_blue_dragon Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon 2.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter, which is reflected in an er… NVD-CWE-Other
CVE-2006-4960 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289637 - blue_dragon php_blue_dragon SQL injection vulnerability in the GetModuleConfig function in public_includes/pub_kernel/pbd_modules.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to execute arbitrary SQL command… NVD-CWE-Other
CVE-2006-4961 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289638 - blue_dragon php_blue_dragon Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence via the phpExt p… NVD-CWE-Other
CVE-2006-4962 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289639 - exponent exponent_cms Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence in the view parameter in the show_v… NVD-CWE-Other
CVE-2006-4963 2017-10-19 10:29 2006-09-23 Show GitHub Exploit DB Packet Storm
289640 - wahm_e-commerce pie_cart_pro Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce Pie Cart Pro allow remote attackers to execute arbitrary PHP code via a URL in the Inc_Dir parameter in (1) affiliates.php, (2) o… NVD-CWE-Other
CVE-2006-4969 2017-10-19 10:29 2006-09-25 Show GitHub Exploit DB Packet Storm