Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219381 4.3 警告 phpwebgallery - PhpWebGallery におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3476 2014-03-11 17:43 2006-07-10 Show GitHub Exploit DB Packet Storm
219382 7.5 危険 Drupal - form_mail Drupal Module における CRLF インジェクションの脆弱性 - CVE-2006-3473 2014-03-11 17:43 2006-07-10 Show GitHub Exploit DB Packet Storm
219383 7.5 危険 mybulletinboard - MyBulletinBoard におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2006-3420 2014-03-11 17:43 2006-07-7 Show GitHub Exploit DB Packet Storm
219384 5.4 警告 マイクロソフト - Windows XP および 2003 におけるバッファオーバーフローの脆弱性 - CVE-2006-3351 2014-03-11 17:43 2006-07-6 Show GitHub Exploit DB Packet Storm
219385 4.3 警告 ajax softwares - AliPAGER におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3345 2014-03-11 17:43 2006-07-3 Show GitHub Exploit DB Packet Storm
219386 2.6 注意 Atlassian - Atlassian JIRA におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3338 2014-03-11 17:43 2006-07-3 Show GitHub Exploit DB Packet Storm
219387 6.8 警告 DeltaScripts - PHP/MySQL Classifieds におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3330 2014-03-11 17:43 2006-06-30 Show GitHub Exploit DB Packet Storm
219388 4.3 警告 e-cbd.biz - Custom dating biz dating script におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3327 2014-03-11 17:43 2006-06-30 Show GitHub Exploit DB Packet Storm
219389 5 警告 id software - id3 Quake 3 Engine および Icculus Quake 3 Engine における書き込み保護された任意の変数を上書きされる脆弱性 - CVE-2006-3325 2014-03-11 17:43 2006-06-30 Show GitHub Exploit DB Packet Storm
219390 2.6 注意 sitebar - SiteBar におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3320 2014-03-11 17:43 2006-06-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294851 - ushahidi ushahidi_platform Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2) themes/default/views/header.php in the Ushahidi Platform before 2.5 allow remote authenticated us… CWE-79
Cross-site Scripting 		CVE-2012-3476 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294852 - ushahidi ushahidi_platform The installer in the Ushahidi Platform before 2.5 omits certain calls to the exit function, which allows remote attackers to obtain administrative privileges via unspecified vectors. NVD-CWE-Other
CVE-2012-3475 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294853 - ushahidi ushahidi_platform The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP addre… CWE-200
Information Exposure 		CVE-2012-3474 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294854 - ushahidi ushahidi_platform The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organiz… CWE-287
Improper Authentication 		CVE-2012-3473 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294855 - ushahidi ushahidi_platform The email API in application/libraries/api/MY_Email_Api_Object.php in the Ushahidi Platform before 2.5 does not require authentication, which allows remote attackers to list, delete, or organize mess… CWE-287
Improper Authentication 		CVE-2012-3472 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294856 - ushahidi ushahidi_platform Multiple SQL injection vulnerabilities in the edit functions in (1) application/controllers/admin/reports.php and (2) application/controllers/members/reports.php in the Ushahidi Platform before 2.5 a… CWE-89
SQL Injection 		CVE-2012-3471 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294857 - ushahidi ushahidi_platform Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vector… CWE-89
SQL Injection 		CVE-2012-3470 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294858 - ushahidi ushahidi_platform Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the messages admin functionality in appl… CWE-89
SQL Injection 		CVE-2012-3469 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294859 - ushahidi ushahidi_platform Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the verify function in application/contr… CWE-89
SQL Injection 		CVE-2012-3468 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm
294860 - caucho resin Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2969 2024-11-21 10:40 2012-08-13 Show GitHub Exploit DB Packet Storm