Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225281 7.5 危険 xforum - Xforum の liretopic.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0279 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
225282 6 警告 X7 Group - X7 Chat の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0278 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
225283 6 警告 taskfreak - TaskFreak! の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0270 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
225284 6.8 警告 wavelink media - TutorialCMS の activate.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0254 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
225285 5 警告 php webquest - PHP Webquest におけるデータベースの資格情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-0249 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
225286 9.3 危険 streamaudio - StreamAudio ChainCast ProxyManager の ccpm_0237.dll におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0248 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
225287 10 危険 uploadscript - UploadScript の admin.php における管理者の権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0246 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
225288 7.5 危険 uploadscript - UploadImage の admin.php における管理者の権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0245 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
225289 10 危険 SAP - SAP MaxDB における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0244 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
225290 5.8 警告 サン・マイクロシステムズ - Sun Java System Identity Manager の /idm/user/login.jsp におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0241 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292341 - bitweaver bitweaver Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow (1) remote authenticated users to inject arbitrary PHP code int… CWE-94
Code Injection 		CVE-2009-1677 2017-09-29 10:34 2009-05-19 Show GitHub Exploit DB Packet Storm
292342 - bitweaver bitweaver Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) … CWE-22
Path Traversal 		CVE-2009-1678 2017-09-29 10:34 2009-05-19 Show GitHub Exploit DB Packet Storm
292343 - apple safari The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which … CWE-399
 Resource Management Errors 		CVE-2009-1687 2017-09-29 10:34 2009-06-10 Show GitHub Exploit DB Packet Storm
292344 - apple mac_os_x
mac_os_x_server 		Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a craft… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-1726 2017-09-29 10:34 2009-08-7 Show GitHub Exploit DB Packet Storm
292345 - omnisoftsol vidsharepro SQL injection vulnerability in listing_video.php in VidSharePro allows remote attackers to execute arbitrary SQL commands via the catid parameter. CWE-89
SQL Injection 		CVE-2009-1734 2017-09-29 10:34 2009-05-21 Show GitHub Exploit DB Packet Storm
292346 - omnisoftsol vidsharepro Cross-site scripting (XSS) vulnerability in search.php in VidSharePro allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. NOTE: some of these details are obta… CWE-79
Cross-site Scripting 		CVE-2009-1735 2017-09-29 10:34 2009-05-21 Show GitHub Exploit DB Packet Storm
292347 - joomla com_gsticketsystem SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a vie… CWE-89
SQL Injection 		CVE-2009-1736 2017-09-29 10:34 2009-05-21 Show GitHub Exploit DB Packet Storm
292348 - phpeasycode pad_site_scripts PAD Site Scripts 3.6 allows remote attackers to bypass authentication and gain privileges as other users, including administrative privileges, by setting the authuser cookie parameter to a valid user… CWE-20
 Improper Input Validation  		CVE-2009-1739 2017-09-29 10:34 2009-05-21 Show GitHub Exploit DB Packet Storm
292349 - dutchmonkey dm_filemanager Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) P… CWE-89
SQL Injection 		CVE-2009-1741 2017-09-29 10:34 2009-05-21 Show GitHub Exploit DB Packet Storm
292350 - pc4arb pc4_uploader code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for remote attackers to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter … CWE-89
SQL Injection 		CVE-2009-1742 2017-09-29 10:34 2009-05-21 Show GitHub Exploit DB Packet Storm