Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
214861	4.3	警告	Roundup	-	Roundup におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6132	2014-04-14 18:31	2012-05-15	Show	GitHub Exploit DB Packet Storm

214862	6.8	警告	Lester Chan	-	WordPress 用 WP-PostViews プラグインのオプションの管理者ページにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3252	2014-04-14 18:26	2013-05-7	Show	GitHub Exploit DB Packet Storm

214863	6.8	警告	Qian Qin	-	WordPress 用 qTranslate プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3251	2014-04-14 18:26	2013-06-4	Show	GitHub Exploit DB Packet Storm

214864	6.8	警告	Jeremy Massel	-	WordPress 用 underConstruction プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2699	2014-04-14 18:26	2013-06-3	Show	GitHub Exploit DB Packet Storm

214865	6.8	警告	Lester Chan	-	WordPress 用 WP-Print プラグインのオプションにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2693	2014-04-14 18:25	2013-04-5	Show	GitHub Exploit DB Packet Storm

214866	6.8	警告	Dean Adjie Minwarie	-	WordPress 用 DVS Custom Notification プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4921	2014-04-14 18:24	2012-09-14	Show	GitHub Exploit DB Packet Storm

214867	5.8	警告	kernel.org	-	Linux-PAM 用 pam_timestamp モジュールの pam_timestamp.c におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2583	2014-04-14 18:04	2014-03-26	Show	GitHub Exploit DB Packet Storm

214868	7.5	危険	Pearson Education, Inc.	-	Pearson eSIS Enterprise Student Information System のパスワードリセット機能における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1455	2014-04-14 17:52	2014-04-6	Show	GitHub Exploit DB Packet Storm

214869	2.1	注意	CloudBees	-	CloudBees Jenkins におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2033	2014-04-14 17:38	2013-05-2	Show	GitHub Exploit DB Packet Storm

214870	6.5	警告	レッドハット (KIE Group) レッドハット	-	複数の Red Hat Jboss 製品における任意の Java コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-6468	2014-04-14 17:23	2013-11-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
289321	-	claroline	claroline	PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter.	NVD-CWE-Other	CVE-2006-1596	2017-10-19 10:29	2006-04-3	Show	GitHub Exploit DB Packet Storm

289322	-	xine	xine-lib	Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream.	NVD-CWE-Other	CVE-2006-1664	2017-10-19 10:29	2006-04-7	Show	GitHub Exploit DB Packet Storm

289323	-	xbrite	xbrite_members	SQL injection vulnerability in members.php in XBrite Members 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2006-1694	2017-10-19 10:29	2006-04-11	Show	GitHub Exploit DB Packet Storm

289324	-	clansys	clansys	SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php.	NVD-CWE-Other	CVE-2006-1708	2017-10-19 10:29	2006-04-11	Show	GitHub Exploit DB Packet Storm

289325	-	design_nation	dnguestbook	SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters.	NVD-CWE-Other	CVE-2006-1710	2017-10-19 10:29	2006-04-12	Show	GitHub Exploit DB Packet Storm

289326	-	design_nation	dnguestbook	Successful exploitation requires that "magic_quotes_gpc" is disabled.	NVD-CWE-Other	CVE-2006-1710	2017-10-19 10:29	2006-04-12	Show	GitHub Exploit DB Packet Storm

289327	-	sphider	sphider	PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the se…	NVD-CWE-Other	CVE-2006-1784	2017-10-19 10:29	2006-04-14	Show	GitHub Exploit DB Packet Storm

289328	-	adcentrix	censtore	censtore.cgi in Censtore 7.3.002 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.	NVD-CWE-Other	CVE-2006-1799	2017-10-19 10:29	2006-04-18	Show	GitHub Exploit DB Packet Storm

289329	-	phpwebsite	phpwebsite	Directory traversal vulnerability in the loadConfig function in index.php in phpWebSite 0.10.2 and earlier allows remote attackers to include arbitrary local files and execute arbitrary PHP code via …	NVD-CWE-Other	CVE-2006-1819	2017-10-19 10:29	2006-04-18	Show	GitHub Exploit DB Packet Storm

289330	-	php121	php121_instant_messenger	SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote attackers to execute arbitrary SQL commands and execute arbitrary code via the sess_username variable, as set by the php1…	NVD-CWE-Other	CVE-2006-1828	2017-10-19 10:29	2006-04-20	Show	GitHub Exploit DB Packet Storm