Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227921	5	警告	till gerken	-	Till Gerken phpPolls における新規の世論調査を作成される脆弱性	-	CVE-2006-3764	2012-12-20 18:02	2006-07-21	Show	GitHub Exploit DB Packet Storm

227922	7.5	危険	dieselscripts	-	Diesel Joke Site の category.php における SQL インジェクションの脆弱性	-	CVE-2006-3763	2012-12-20 18:02	2006-07-21	Show	GitHub Exploit DB Packet Storm

227923	7.5	危険	touch control	-	Touch Control ActiveX コントロールにおける任意のファイルを実行される脆弱性	-	CVE-2006-3762	2012-12-20 18:02	2006-07-21	Show	GitHub Exploit DB Packet Storm

227924	4.3	警告	mybulletinboard	-	MyBB の inc/functions_post.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-3761	2012-12-20 18:02	2006-06-27	Show	GitHub Exploit DB Packet Storm

227925	7.5	危険	mybulletinboard	-	MyBB における SQL インジェクションの脆弱性	-	CVE-2006-3760	2012-12-20 18:02	2006-06-27	Show	GitHub Exploit DB Packet Storm

227926	5	警告	mybulletinboard	-	MyBB における脆弱性	-	CVE-2006-3759	2012-12-20 18:02	2006-06-27	Show	GitHub Exploit DB Packet Storm

227927	7.5	危険	mybulletinboard	-	MyBB の Archive Model の inc/init.php における任意の変数を上書きされる脆弱性	-	CVE-2006-3758	2012-12-20 18:02	2006-06-27	Show	GitHub Exploit DB Packet Storm

227928	5	警告	Zen Cart	-	Zen Cart の index.php における重要な情報を取得される脆弱性	-	CVE-2006-3757	2012-12-20 18:02	2006-07-21	Show	GitHub Exploit DB Packet Storm

227929	7.5	危険	flushcms	-	FlushCMS の Include/editor/class.rich.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-3755	2012-12-20 18:02	2006-07-21	Show	GitHub Exploit DB Packet Storm

227930	7.5	危険	flushcms	-	FlushCMS の Include/editor/rich_files/class.rich.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-3754	2012-12-20 18:02	2006-07-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249541	5.3	MEDIUM Network	ovaledge	ovaledge	OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserType. No authentication is required. The information disclosed is associated with…	CWE-922 Insecure Storage of Sensitive Information	CVE-2022-30361	2024-11-1 01:34	2024-10-26	Show	GitHub Exploit DB Packet Storm

249542	6.1	MEDIUM Network	coralwebdesign	cwd_3d_image_gallery	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Coral Web Design CWD 3D Image Gallery allows Reflected XSS.This issue affects CWD 3D Image…	CWE-79 Cross-site Scripting	CVE-2024-49632	2024-11-1 01:31	2024-10-29	Show	GitHub Exploit DB Packet Storm

249543	4.7	MEDIUM Network	ovaledge	ovaledge	OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST request to /user/assignuserrole via the userid and role parameters . Authentication is required with OE_ADM…	CWE-863 Incorrect Authorization	CVE-2022-30356	2024-11-1 01:31	2024-10-26	Show	GitHub Exploit DB Packet Storm

249544	6.1	MEDIUM Network	rimonhabib	bp_member_type_manager	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rimon Habib BP Member Type Manager allows Reflected XSS.This issue affects BP Member Type …	CWE-79 Cross-site Scripting	CVE-2024-49634	2024-11-1 01:30	2024-10-29	Show	GitHub Exploit DB Packet Storm

249545	4.3	MEDIUM Network	gaizhenbiao	chuanhuchatgpt	In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a…	NVD-CWE-noinfo	CVE-2024-8143	2024-11-1 01:23	2024-10-29	Show	GitHub Exploit DB Packet Storm

249546	6.1	MEDIUM Network	tidaweb	tida_url_screenshot	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tidaweb Tida URL Screenshot allows Reflected XSS.This issue affects Tida URL Screenshot: f…	CWE-79 Cross-site Scripting	CVE-2024-49641	2024-11-1 01:05	2024-10-29	Show	GitHub Exploit DB Packet Storm

249547	6.1	MEDIUM Network	amadercodelab	acl_floating_cart_for_woocommerce	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AmaderCode Lab ACL Floating Cart for WooCommerce allows Reflected XSS.This issue affects A…	CWE-79 Cross-site Scripting	CVE-2024-49640	2024-11-1 01:04	2024-10-29	Show	GitHub Exploit DB Packet Storm

249548	6.1	MEDIUM Network	edwardstoever	monitor.chat	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Edward Stoever Monitor.Chat allows Reflected XSS.This issue affects Monitor.Chat: from n/a…	CWE-79 Cross-site Scripting	CVE-2024-49639	2024-11-1 00:58	2024-10-29	Show	GitHub Exploit DB Packet Storm

249549	7.2	HIGH Network	funadmin	funadmin	funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.	CWE-89 SQL Injection	CVE-2024-48230	2024-11-1 00:57	2024-10-26	Show	GitHub Exploit DB Packet Storm

249550	6.1	MEDIUM Network	aliazlan	risk_warning_bar	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali Azlan Risk Warning Bar allows Reflected XSS.This issue affects Risk Warning Bar: from …	CWE-79 Cross-site Scripting	CVE-2024-49638	2024-11-1 00:56	2024-10-29	Show	GitHub Exploit DB Packet Storm