Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
223861	4.3	警告	turnkeyforms	-	TurnkeyForms Local Classifieds の listtest.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6351	2012-12-20 19:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

223862	7.5	危険	turnkeyforms	-	TurnkeyForms Local Classifieds の listtest.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6350	2012-12-20 19:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

223863	7.5	危険	turnkeyforms	-	TurnkeyForms Business Survey Pro の survey_results_text.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6349	2012-12-20 19:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

223864	4.3	警告	ticklespace	-	Drupal 用の Answers モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6413	2012-12-20 19:10	2008-09-18	Show	GitHub Exploit DB Packet Storm

223865	4.3	警告	sadi samami	-	Multi Languages WebShop Online の detail.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6267	2012-12-20 19:10	2009-02-25	Show	GitHub Exploit DB Packet Storm

223866	6.8	警告	xt:Commerce	-	xt:Commerce における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6304	2012-12-20 19:10	2008-11-20	Show	GitHub Exploit DB Packet Storm

223867	7.5	危険	TYPO3 Association	-	TYPO3 用の TU-Clausthal Staff エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6344	2012-12-20 19:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

223868	4.3	警告	TYPO3 Association	-	TYPO3 用の TU-Clausthal ODIN エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6343	2012-12-20 19:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

223869	4.3	警告	TYPO3 Association	-	TYPO3 用の SB Universal Plugin エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6341	2012-12-20 19:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

223870	7.5	危険	weber-ebusiness	-	TYPO3 用の WEBERkommunal Facilities エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6338	2012-12-20 19:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
278781	-	jetbox	jetbox_cms	Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable varia…	NVD-CWE-Other	CVE-2006-3584	2018-10-19 01:48	2006-08-9	Show	GitHub Exploit DB Packet Storm

278782	-	jetbox	jetbox_cms	Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 SR1 allow remote attackers to inject arbitrary web script or HTML via the (1) login parameter in admin/cms/index.php, (2) unspeci…	NVD-CWE-Other	CVE-2006-3585	2018-10-19 01:48	2006-08-9	Show	GitHub Exploit DB Packet Storm

278783	-	jetbox	jetbox_cms	SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to execute arbitrary SQL commands via the (1) frontsession COOKIE parameter and (2) view parameter in index.php, and the (3) …	NVD-CWE-Other	CVE-2006-3586	2018-10-19 01:48	2006-08-9	Show	GitHub Exploit DB Packet Storm

278784	-	microsoft	powerpoint	mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption,…	NVD-CWE-Other	CVE-2006-3590	2018-10-19 01:48	2006-07-15	Show	GitHub Exploit DB Packet Storm

278785	-	php-nuke	sections_module	SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op.	NVD-CWE-Other	CVE-2006-3598	2018-10-19 01:48	2006-07-19	Show	GitHub Exploit DB Packet Storm

278786	-	php-nuke	advanced_classified_module	SQL injection vulnerability in the Nuke Advanced Classifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_ads parameter in an EditAds op.	NVD-CWE-Other	CVE-2006-3599	2018-10-19 01:48	2006-07-19	Show	GitHub Exploit DB Packet Storm

278787	-	farsinews	farsinews	Directory traversal vulnerability in jscripts/tiny_mce/tiny_mce_gzip.php in FarsiNews 3.0 BETA 1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing null (%00)…	NVD-CWE-Other	CVE-2006-3602	2018-10-19 01:48	2006-07-19	Show	GitHub Exploit DB Packet Storm

278788	-	flatnuke	flatnuke	The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote …	NVD-CWE-Other	CVE-2006-3608	2018-10-19 01:48	2006-07-19	Show	GitHub Exploit DB Packet Storm

278789	-	flatnuke	flatnuke	Successful exploitation requires that Gallery uploads are enabled.	NVD-CWE-Other	CVE-2006-3608	2018-10-19 01:48	2006-07-19	Show	GitHub Exploit DB Packet Storm

278790	-	orbitcoders	orbitmatrix	Cross-site scripting (XSS) vulnerability in index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to inject arbitrary web script or HTML via the page_name parameter with an IMG tag contain…	NVD-CWE-Other	CVE-2006-3609	2018-10-19 01:48	2006-07-19	Show	GitHub Exploit DB Packet Storm