Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216551	4.9	警告	WordPress.org	-	WordPress の wp-includes/capabilities.php におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5296	2014-01-22 18:43	2010-09-4	Show	GitHub Exploit DB Packet Storm

216552	4.3	警告	WordPress.org	-	WordPress の wp-admin/plugins.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5295	2014-01-22 18:41	2010-11-14	Show	GitHub Exploit DB Packet Storm

216553	4.3	警告	WordPress.org	-	WordPress の wp-admin/includes/file.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5294	2014-01-22 18:38	2010-11-14	Show	GitHub Exploit DB Packet Storm

216554	5.8	警告	WordPress.org	-	WordPress の wp-includes/comment.php におけるスパム制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5293	2014-01-22 18:35	2010-11-30	Show	GitHub Exploit DB Packet Storm

216555	4.3	警告	シスコシステムズ	-	Cisco Secure Access Control System のポータルにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0668	2014-01-22 16:37	2014-01-21	Show	GitHub Exploit DB Packet Storm

216556	2.6	注意	TYPO3 Association	-	TYPO3 の Extbase Framework の ActionController ベースクラスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-7078	2014-01-22 16:32	2013-12-10	Show	GitHub Exploit DB Packet Storm

216557	3.3	注意	libimobiledevice	-	libimobiledevice の userpref.c における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2013-2142	2014-01-22 16:31	2013-08-14	Show	GitHub Exploit DB Packet Storm

216558	2.6	注意	Drupal	-	Drupal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0244	2014-01-22 16:31	2013-01-16	Show	GitHub Exploit DB Packet Storm

216559	2.7	注意	Fabrice Bellard Xen プロジェクト	-	Xen および QEMU の qemu-xen の qdisk PV ディスクバックエンドにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-4375	2014-01-22 16:22	2013-10-10	Show	GitHub Exploit DB Packet Storm

216560	1.9	注意	Linux	-	Linux Kernel の drivers/net/hamradio/yam.c の yam_ioctl 関数における重要な情報を取得される脆弱性	CWE-399 リソース管理の問題	CVE-2014-1446	2014-01-22 16:05	2014-01-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
289651	-	php_outburst	easynews	admin.php in PHP Outburst Easynews 4.4.1 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication, and gain the ability to execute arbitrary code, via the en_lo…	NVD-CWE-Other	CVE-2006-5412	2017-10-19 10:29	2006-10-20	Show	GitHub Exploit DB Packet Storm

289652	-	supermod	supermod	Multiple PHP remote file inclusion vulnerabilities in SuperMod 3.0.0 for YABB (YaBBSM) allow remote attackers to execute arbitrary PHP code via a URL in the sourcedir parameter to (1) Offline.php, (2…	NVD-CWE-Other	CVE-2006-5413	2017-10-19 10:29	2006-10-20	Show	GitHub Exploit DB Packet Storm

289653	-	university_of_glasgow	specimen_image_database	PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database (SID), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code v…	NVD-CWE-Other	CVE-2006-5419	2017-10-19 10:29	2006-10-20	Show	GitHub Exploit DB Packet Storm

289654	-	wsn_forum	wsn_forum	WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is…	NVD-CWE-Other	CVE-2006-5421	2017-10-19 10:29	2006-10-20	Show	GitHub Exploit DB Packet Storm

289655	-	local_calendar_system	local_calendar_system	PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter.	NVD-CWE-Other	CVE-2006-5426	2017-10-19 10:29	2006-10-21	Show	GitHub Exploit DB Packet Storm

289656	-	php_amx	php_amx	PHP remote file inclusion vulnerability in plugins/main.php in Php AMX 0.9.0, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code v…	NVD-CWE-Other	CVE-2006-5427	2017-10-19 10:29	2006-10-21	Show	GitHub Exploit DB Packet Storm

289657	-	barry_nauta	brim	Multiple PHP remote file inclusion vulnerabilities in Barry Nauta BRIM 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter in template.tpl.php i…	NVD-CWE-Other	CVE-2006-5429	2017-10-19 10:29	2006-10-21	Show	GitHub Exploit DB Packet Storm

289658	-	marc_giombetti	phppowercards	Multiple direct static code injection vulnerabilities in db/txt.inc.php in phpPowerCards 2.10, when register_globals is enabled, allow remote attackers to create or overwrite arbitrary files via the …	NVD-CWE-Other	CVE-2006-5432	2017-10-19 10:29	2006-10-21	Show	GitHub Exploit DB Packet Storm

289659	-	timm_maass	alice_cms	PHP remote file inclusion vulnerability in modules/guestbook/index.php in ALiCE-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[local_root] parameter.	NVD-CWE-Other	CVE-2006-5433	2017-10-19 10:29	2006-10-21	Show	GitHub Exploit DB Packet Storm

289660	-	p-news	p-news	PHP remote file inclusion vulnerability in p-news.php in P-News 1.16 and 1.17 allows remote attackers to execute arbitrary PHP code via a URL in the pn_lang parameter.	NVD-CWE-Other	CVE-2006-5434	2017-10-19 10:29	2006-10-21	Show	GitHub Exploit DB Packet Storm