Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218231 10 危険 シスコシステムズ - Cisco Unified SIP Phone 3905 のファームウェアにおける root アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0721 2014-03-13 17:45 2014-02-19 Show GitHub Exploit DB Packet Storm
218232 7.5 危険 Raoul Proenca - Gnew の users/login.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-5639 2014-03-13 17:45 2013-10-2 Show GitHub Exploit DB Packet Storm
218233 7.8 危険 シスコシステムズ - Cisco IPS ソフトウェアのコントロールプレーンのアクセスリストの実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0719 2014-03-13 17:42 2014-02-19 Show GitHub Exploit DB Packet Storm
218234 4.4 警告 Novell
Logilab.org		 - logilab-common の shellutils の Execute クラスにおける脆弱性 CWE-noinfo
情報不足 		CVE-2014-1839 2014-03-13 16:43 2014-02-11 Show GitHub Exploit DB Packet Storm
218235 4.4 警告 Novell
Logilab.org		 - logilab-common における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2014-1838 2014-03-13 16:42 2014-02-11 Show GitHub Exploit DB Packet Storm
218236 7.5 危険 MODX - MODX Revolution の modx.class.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-2311 2014-03-13 16:42 2014-03-7 Show GitHub Exploit DB Packet Storm
218237 6.5 警告 Thomas Abeel - Simple PHP Agenda の edit_event.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-3961 2014-03-13 16:32 2013-06-11 Show GitHub Exploit DB Packet Storm
218238 9.3 危険 John Paul Chacha's Lab - Chasys Draw IES の flt_BMP.dll の ReadFile 機能におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-3928 2014-03-13 16:03 2013-07-21 Show GitHub Exploit DB Packet Storm
218239 6.8 警告 Umisoft - Umisoft UMI.CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-2754 2014-03-13 15:48 2013-05-8 Show GitHub Exploit DB Packet Storm
218240 6.5 警告 VICIDIAL Group - VICIDIAL ダイヤラーのエージェントインターフェースにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4467 2014-03-13 15:32 2013-10-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
296251 - obm open_business_management Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local fi… CWE-22
Path Traversal 		CVE-2011-5141 2024-11-21 10:33 2012-09-1 Show GitHub Exploit DB Packet Storm
296252 - diy-cms blog Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index… CWE-89
SQL Injection 		CVE-2011-5140 2024-11-21 10:33 2012-09-1 Show GitHub Exploit DB Packet Storm
296253 - preprojects business_cards_designer SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2011-5139 2024-11-21 10:33 2012-09-1 Show GitHub Exploit DB Packet Storm
296254 - tforum tforum Cross-site scripting (XSS) vulnerability in member.php in tForum b0.915 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a viewprofile action. CWE-79
Cross-site Scripting 		CVE-2011-5138 2024-11-21 10:33 2012-09-1 Show GitHub Exploit DB Packet Storm
296255 - tforum tforum Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard… CWE-89
SQL Injection 		CVE-2011-5137 2024-11-21 10:33 2012-09-1 Show GitHub Exploit DB Packet Storm
296256 - epractizelabs subscription_manager showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter. CWE-20
 Improper Input Validation  		CVE-2011-5136 2024-11-21 10:33 2012-08-31 Show GitHub Exploit DB Packet Storm
296257 - docebo docebolms Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher… CWE-89
SQL Injection 		CVE-2011-5135 2024-11-21 10:33 2012-08-31 Show GitHub Exploit DB Packet Storm
296258 - widgetfactorylimited com_jce Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arb… NVD-CWE-Other
CVE-2011-5134 2024-11-21 10:33 2012-08-31 Show GitHub Exploit DB Packet Storm
296259 - mybb mybb Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list." NVD-CWE-noinfo
CVE-2011-5133 2024-11-21 10:33 2012-08-31 Show GitHub Exploit DB Packet Storm
296260 - mybb mybb Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "usernames via AJAX." CWE-79
Cross-site Scripting 		CVE-2011-5132 2024-11-21 10:33 2012-08-31 Show GitHub Exploit DB Packet Storm