Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219381 4.3 警告 phpwebgallery - PhpWebGallery におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3476 2014-03-11 17:43 2006-07-10 Show GitHub Exploit DB Packet Storm
219382 7.5 危険 Drupal - form_mail Drupal Module における CRLF インジェクションの脆弱性 - CVE-2006-3473 2014-03-11 17:43 2006-07-10 Show GitHub Exploit DB Packet Storm
219383 7.5 危険 mybulletinboard - MyBulletinBoard におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2006-3420 2014-03-11 17:43 2006-07-7 Show GitHub Exploit DB Packet Storm
219384 5.4 警告 マイクロソフト - Windows XP および 2003 におけるバッファオーバーフローの脆弱性 - CVE-2006-3351 2014-03-11 17:43 2006-07-6 Show GitHub Exploit DB Packet Storm
219385 4.3 警告 ajax softwares - AliPAGER におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3345 2014-03-11 17:43 2006-07-3 Show GitHub Exploit DB Packet Storm
219386 2.6 注意 Atlassian - Atlassian JIRA におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3338 2014-03-11 17:43 2006-07-3 Show GitHub Exploit DB Packet Storm
219387 6.8 警告 DeltaScripts - PHP/MySQL Classifieds におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3330 2014-03-11 17:43 2006-06-30 Show GitHub Exploit DB Packet Storm
219388 4.3 警告 e-cbd.biz - Custom dating biz dating script におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3327 2014-03-11 17:43 2006-06-30 Show GitHub Exploit DB Packet Storm
219389 5 警告 id software - id3 Quake 3 Engine および Icculus Quake 3 Engine における書き込み保護された任意の変数を上書きされる脆弱性 - CVE-2006-3325 2014-03-11 17:43 2006-06-30 Show GitHub Exploit DB Packet Storm
219390 2.6 注意 sitebar - SiteBar におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3320 2014-03-11 17:43 2006-06-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293181 - wordpress pay-with-tweet SQL injection vulnerability in the Pay With Tweet plugin before 1.2 for WordPress allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the id parameter in … CWE-89
SQL Injection 		CVE-2012-5350 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293182 - wordpress pay-with-tweet Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3… CWE-79
Cross-site Scripting 		CVE-2012-5349 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293183 - wilson_steven mangosweb_enhanced SQL injection vulnerability in MangosWeb Enhanced 3.0.3 allows remote attackers to execute arbitrary SQL commands via the login parameter in a login action to index.php. CWE-89
SQL Injection 		CVE-2012-5348 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293184 - tinywebgallery tinywebgallery TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code via shell metacharacters in the command parameter to (1) inc/filefunctions.inc or (2) info.php. NVD-CWE-noinfo
CVE-2012-5347 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293185 - bencemeszaros wp-livephp Cross-site scripting (XSS) vulnerability in wp-live.php in the WP Live.php module 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: some o… CWE-79
Cross-site Scripting 		CVE-2012-5346 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293186 - kepler_lam iptools Buffer overflow in the Remote command server (Rcmd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to cause a denial of service (crash) via a long string to TCP port 23. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-5345 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293187 - kepler_lam iptools Directory traversal vulnerability in the WebServer (Thttpd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a HTTP request. CWE-22
Path Traversal 		CVE-2012-5344 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293188 - limny limny Cross-site scripting (XSS) vulnerability in admin/login.php in Limny 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the "PHP_SELF" variable. CWE-79
Cross-site Scripting 		CVE-2012-5343 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293189 - michau_enterprises_llc commonsense_cms Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) special.php, (2) article.php, or (3) cat2.php. CWE-89
SQL Injection 		CVE-2012-5342 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm
293190 - otterware statit Multiple cross-site scripting (XSS) vulnerabilities in statistik.php in Otterware StatIt 4 allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter, (2) show paramet… CWE-79
Cross-site Scripting 		CVE-2012-5341 2024-11-21 10:44 2012-10-10 Show GitHub Exploit DB Packet Storm