Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216401	5	警告	株式会社ロックオン	-	EC-CUBE における情報改ざんの脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0807	2014-01-30 18:37	2014-01-22	Show	GitHub Exploit DB Packet Storm

216402	2.6	注意	株式会社ロックオン	-	EC-CUBE におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-5993	2014-01-30 18:36	2013-11-20	Show	GitHub Exploit DB Packet Storm

216403	4.3	警告	株式会社ロックオン	-	EC-CUBE におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5996	2014-01-30 18:35	2013-11-20	Show	GitHub Exploit DB Packet Storm

216404	5.5	警告	株式会社ロックオン	-	EC-CUBE における情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2013-5995	2014-01-30 18:34	2013-11-20	Show	GitHub Exploit DB Packet Storm

216405	5	警告	株式会社ロックオン	-	EC-CUBE における情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2013-5994	2014-01-30 18:32	2013-11-20	Show	GitHub Exploit DB Packet Storm

216406	6.4	警告	株式会社ロックオン	-	EC-CUBE におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2314	2014-01-30 18:31	2013-05-23	Show	GitHub Exploit DB Packet Storm

216407	6	警告	Chamilo Association	-	Chamilo LMS の main/auth/profile.php の check_user_password 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-6787	2014-01-30 15:53	2013-11-6	Show	GitHub Exploit DB Packet Storm

216408	5	警告	Easytime Studio	-	iOS 用 Easytime Studio Easy File Manager におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-3921	2014-01-30 15:52	2013-11-21	Show	GitHub Exploit DB Packet Storm

216409	7.5	危険	Doug Poulin	-	Command School Student Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1636	2014-01-30 14:46	2014-01-7	Show	GitHub Exploit DB Packet Storm

216410	5	警告	Doug Poulin	-	Command School Student Management System におけるデータベースのバックアップをダウンロードされる脆弱性	CWE-200 情報漏えい	CVE-2014-1637	2014-01-30 14:45	2014-01-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
280431	-	mini-nuke	mini-nuke	enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter,…	NVD-CWE-Other	CVE-2006-2734	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280432	-	activity_mod_plus	activity_mod_plus	PHP remote file inclusion vulnerability in language/lang_english/lang_activity.php in Activity MOD Plus (Amod) 1.1.0, as used with phpBB when register_globals is enabled, allows remote attackers to e…	NVD-CWE-Other	CVE-2006-2735	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280433	-	phpbb-portal	blend_portal	PHP remote file inclusion vulnerability in blend_data/blend_common.php in Blend Portal 1.2.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP cod…	NVD-CWE-Other	CVE-2006-2736	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280434	-	nukedit	nukedit	utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when …	NVD-CWE-Other	CVE-2006-2737	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280435	-	open-xchange	open-xchange	The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to ac…	NVD-CWE-Other	CVE-2006-2738	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280436	-	open-xchange	open-xchange	Exploit only works on Open Source versions of this product.	NVD-CWE-Other	CVE-2006-2738	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280437	-	epic_designs	tinybb	PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybb_foote…	NVD-CWE-Other	CVE-2006-2739	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280438	-	epic_designs	tinybb	Successful exploitation requires that "register_globals" is enabled.	NVD-CWE-Other	CVE-2006-2739	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280439	-	epic_designs	tinybb	Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) q parameter in (a) forgot.php, and the (2) username and (3) passw…	NVD-CWE-Other	CVE-2006-2740	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm

280440	-	epic_designs	tinybb	Successful exploitation requires that "magic_quotes_gpc" is disabled.	NVD-CWE-Other	CVE-2006-2740	2018-10-19 01:41	2006-06-1	Show	GitHub Exploit DB Packet Storm