Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230281 4.3 警告 telephone - Telephone Directory 2008 の edit1.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2677 2012-12-20 18:52 2008-06-12 Show GitHub Exploit DB Packet Storm
230282 4.3 警告 softcomplex - PHP Image Gallery の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2675 2012-12-20 18:52 2008-06-12 Show GitHub Exploit DB Packet Storm
230283 7.5 危険 Powie - Powie pNews の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2673 2012-12-20 18:52 2008-06-12 Show GitHub Exploit DB Packet Storm
230284 7.5 危険 y-blog - yBlog における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2669 2012-12-20 18:52 2008-06-11 Show GitHub Exploit DB Packet Storm
230285 4.3 警告 y-blog - yBlog におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2668 2012-12-20 18:52 2008-06-11 Show GitHub Exploit DB Packet Storm
230286 7.5 危険 smeweb - SMEWeb の catalog.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2652 2012-12-20 18:52 2008-06-10 Show GitHub Exploit DB Packet Storm
230287 4.3 警告 smeweb - SMEWeb における任意の Web スクリプトまたは HTML を挿入される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2644 2012-12-20 18:52 2008-06-10 Show GitHub Exploit DB Packet Storm
230288 7.5 危険 theflashblog - FlashBlog の php/leer_comentarios.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2572 2012-12-20 18:52 2008-06-6 Show GitHub Exploit DB Packet Storm
230289 4.3 警告 samtodo - SamTodo の dsp_main.php などにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2563 2012-12-20 18:52 2008-06-6 Show GitHub Exploit DB Packet Storm
230290 6.5 警告 powerphlogger - PowerPhlogger の edCss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2562 2012-12-20 18:52 2008-06-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291971 9.8 CRITICAL
Network 		swfupload_project swfupload There is an object injection vulnerability in swfupload plugin for wordpress. CWE-74
Injection 		CVE-2013-4144 2024-11-21 10:54 2022-07-1 Show GitHub Exploit DB Packet Storm
291972 6.5 MEDIUM
Network 		otrs otrs Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote atta… CWE-200
Information Exposure 		CVE-2013-4088 2024-11-21 10:54 2020-02-22 Show GitHub Exploit DB Packet Storm
291973 7.5 HIGH
Network 		opensips opensips A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2013-3722 2024-11-21 10:54 2020-02-18 Show GitHub Exploit DB Packet Storm
291974 9.8 CRITICAL
Network 		zabbix zabbix A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code. CWE-20
 Improper Input Validation  		CVE-2013-3738 2024-11-21 10:54 2020-02-18 Show GitHub Exploit DB Packet Storm
291975 9.8 CRITICAL
Network 		invisioncommunity invision_power_board Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution. NVD-CWE-noinfo
CVE-2013-3725 2024-11-21 10:54 2020-02-13 Show GitHub Exploit DB Packet Storm
291976 7.5 HIGH
Network 		varnish_cache_project varnish_cache Varnish HTTP cache before 3.0.4: ACL bug NVD-CWE-Other
CVE-2013-4090 2024-11-21 10:54 2020-02-13 Show GitHub Exploit DB Packet Storm
291977 7.0 HIGH
Local 		spritesoftware spritebackup
spritebud 		A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, … CWE-362
Race Condition 		CVE-2013-3685 2024-11-21 10:54 2020-02-13 Show GitHub Exploit DB Packet Storm
291978 7.8 HIGH
Local 		daum potplayer Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability CWE-426
 Untrusted Search Path 		CVE-2013-3942 2024-11-21 10:54 2020-02-12 Show GitHub Exploit DB Packet Storm
291979 9.8 CRITICAL
Network 		imagely nextgen_gallery NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2013-3684 2024-11-21 10:54 2020-02-12 Show GitHub Exploit DB Packet Storm
291980 5.4 MEDIUM
Network 		projectpier projectpier ProjectPier 0.8.8 does not use the Secure flag for cookies CWE-79
Cross-site Scripting 		CVE-2013-3637 2024-11-21 10:54 2020-02-8 Show GitHub Exploit DB Packet Storm