Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230291 7.5 危険 junglescripts - JungleScripts Ajax Short Url Script の x/login における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4727 2012-09-25 17:38 2010-03-18 Show GitHub Exploit DB Packet Storm
230292 5 警告 olivier michaud pierre-yves - Quickdev 4 PHP の download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4726 2012-09-25 17:38 2010-03-18 Show GitHub Exploit DB Packet Storm
230293 7.5 危険 paymentprocessorscript - PaymentProcessorScript.net PPScript の shop.htm における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4724 2012-09-25 17:38 2010-03-18 Show GitHub Exploit DB Packet Storm
230294 7.5 危険 netpet - Netpet CMS の confirm.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4723 2012-09-25 17:38 2010-03-18 Show GitHub Exploit DB Packet Storm
230295 6.8 警告 Limny - Limny の includes/functions.php の CheckLogin 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4722 2012-09-25 17:38 2010-03-18 Show GitHub Exploit DB Packet Storm
230296 7.5 危険 liviu mitrofan - TYPO3 用の myth_download エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4701 2012-09-25 17:38 2010-03-15 Show GitHub Exploit DB Packet Storm
230297 7.5 危険 hypersilence - Silentum Guestbook の silentum_guestbook.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4687 2012-09-25 17:38 2010-03-10 Show GitHub Exploit DB Packet Storm
230298 7.5 危険 inertialfate - Joomla! の inertialFATE if_nexus コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4679 2012-09-25 17:38 2010-03-8 Show GitHub Exploit DB Packet Storm
230299 7.5 危険 mole-group - Restaurant Directory Script における admin パスワードを変更される脆弱性 CWE-287
不適切な認証 		CVE-2009-4675 2012-09-25 17:38 2010-03-5 Show GitHub Exploit DB Packet Storm
230300 7.5 危険 mole-group - Mole Group Sky Hunter Airline Ticket Sale Script などにおける任意のパスワードを変更される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-4674 2012-09-25 17:38 2010-03-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
284941 - parallels virtuozzo_containers Cross-site request forgery (CSRF) vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft (build 4.0.0-365.6.swsoft) and 25.4.swsoft (build 3.0.0-25.4.swsoft)… CWE-352
 Origin Validation Error 		CVE-2008-6478 2018-10-12 05:57 2009-03-17 Show GitHub Exploit DB Packet Storm
284942 - parallels parallels_virtuozzo Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to mod… CWE-352
 Origin Validation Error 		CVE-2008-6479 2018-10-12 05:57 2009-03-17 Show GitHub Exploit DB Packet Storm
284943 - softnews_media_group datalife_engine Cross-site request forgery (CSRF) vulnerability in engine/modules/imagepreview.php in Datalife Engine 6.7 allows remote attackers to hijack the authentication of arbitrary users for requests that use… CWE-352
 Origin Validation Error 		CVE-2008-6480 2018-10-12 05:57 2009-03-17 Show GitHub Exploit DB Packet Storm
284944 - shatm sharedlog PHP remote file inclusion vulnerability in slideshow_uploadvideo.content.php in SharedLog, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLO… CWE-94
Code Injection 		CVE-2008-6486 2018-10-12 05:57 2009-03-19 Show GitHub Exploit DB Packet Storm
284945 - tp neostrada_livebox_adsl_router The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service (network outage) via multiple HTTP requests for the /- URI. CWE-20
 Improper Input Validation  		CVE-2008-6497 2018-10-12 05:57 2009-03-20 Show GitHub Exploit DB Packet Storm
284946 - prestashop prestashop Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php. CWE-79
Cross-site Scripting 		CVE-2008-6503 2018-10-12 05:57 2009-03-21 Show GitHub Exploit DB Packet Storm
284947 - igniterealtime openfire Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to bypass authentication and access the admin interface via a .. … CWE-22
Path Traversal 		CVE-2008-6508 2018-10-12 05:57 2009-03-24 Show GitHub Exploit DB Packet Storm
284948 - igniterealtime openfire SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp. CWE-89
SQL Injection 		CVE-2008-6509 2018-10-12 05:57 2009-03-24 Show GitHub Exploit DB Packet Storm
284949 - igniterealtime openfire Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter. CWE-79
Cross-site Scripting 		CVE-2008-6510 2018-10-12 05:57 2009-03-24 Show GitHub Exploit DB Packet Storm
284950 - igniterealtime openfire Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter. CWE-20
 Improper Input Validation  		CVE-2008-6511 2018-10-12 05:57 2009-03-24 Show GitHub Exploit DB Packet Storm