Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230191 7.5 危険 Mahara - mahara の lib/user.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0400 2012-09-25 17:38 2010-04-7 Show GitHub Exploit DB Packet Storm
230192 6.8 警告 nanosleep - Trac Git プラグインの PyGIT.py における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0394 2012-09-25 17:38 2010-02-3 Show GitHub Exploit DB Packet Storm
230193 5 警告 JCE-Tech.com - JCE-Tech PHP Calendars の install.php におけるアクセス制限を回避する脆弱性 CWE-16
CWE-264
CVE-2010-0380 2012-09-25 17:38 2010-01-22 Show GitHub Exploit DB Packet Storm
230194 4.3 警告 JCE-Tech.com - JCE-Tech PHP Calendars の product_list.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0376 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230195 7.5 危険 JCE-Tech.com - JCE-Tech PHP Calendars の product_list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0375 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230196 7.5 危険 Joomla! - Joomla! 用の libros コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0373 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230197 7.5 危険 hong chuyen - Joomla! の articlemanager コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0372 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230198 4.3 警告 hitmaaan - Hitmaaan Gallery の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0371 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230199 7.5 危険 matthias graubner - Helpdesk エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0333 2012-09-25 17:38 2010-01-15 Show GitHub Exploit DB Packet Storm
230200 7.5 危険 julian fries - TYPO3 用の Googlemaps for tt_news 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0330 2012-09-25 17:38 2010-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
298931 - hitachi cosminexus_application_server
cosminexus_collaboration_portal
cosminexus_developer
cosminexus_erp_integrator
cosminexus_opentp1_web_front-end_set
electronic_form_workflow
groupmax_c… 		The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspec… NVD-CWE-Other
CVE-2007-4124 2017-07-29 10:32 2007-08-2 Show GitHub Exploit DB Packet Storm
298932 - wordpress wordpress Cross-site scripting (XSS) vulnerability in the Temporary Uploads editing functionality (wp-admin/includes/upload.php) in WordPress 2.2.1, allows remote attackers to inject arbitrary web script or HT… CWE-79
Cross-site Scripting 		CVE-2007-4139 2017-07-29 10:32 2007-08-3 Show GitHub Exploit DB Packet Storm
298933 - openrat openrat_cms OpenRat CMS 0.8-beta1 and earlier allows remote attackers to obtain sensitive information via a request containing an XSS sequence in the action parameter to index.php, which reveals the path in an e… NVD-CWE-Other
CVE-2007-4141 2017-07-29 10:32 2007-08-3 Show GitHub Exploit DB Packet Storm
298934 - ibm lotus_sametime Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted … NVD-CWE-Other
CVE-2007-4142 2017-07-29 10:32 2007-08-4 Show GitHub Exploit DB Packet Storm
298935 - wordpress wordpress Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin… NVD-CWE-Other
CVE-2007-4153 2017-07-29 10:32 2007-08-4 Show GitHub Exploit DB Packet Storm
298936 - wordpress wordpress SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the page_options parameter to (1) options-general.php, (… NVD-CWE-Other
CVE-2007-4154 2017-07-29 10:32 2007-08-4 Show GitHub Exploit DB Packet Storm
298937 - sun java_system_web_server CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and e… NVD-CWE-Other
CVE-2007-4164 2017-07-29 10:32 2007-08-7 Show GitHub Exploit DB Packet Storm
298938 - wordpress unamed_theme
unamed_theme_se 		Cross-site scripting (XSS) vulnerability in index.php in the Unnamed theme 1.217, and Special Edition (SE) 1.02, before 20070804 for WordPress allows remote attackers to inject arbitrary web script o… NVD-CWE-Other
CVE-2007-4166 2017-07-29 10:32 2007-08-7 Show GitHub Exploit DB Packet Storm
298939 - open_webmail open_webmail Multiple cross-site scripting (XSS) vulnerabilities in Open Webmail (OWM) 2.52 20060831 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) searchtype, (2) longpage,… CWE-79
Cross-site Scripting 		CVE-2007-4172 2017-07-29 10:32 2007-08-7 Show GitHub Exploit DB Packet Storm
298940 - tor tor Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymit… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-4174 2017-07-29 10:32 2007-08-7 Show GitHub Exploit DB Packet Storm