Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230311	4.3	警告	quate	-	Quate CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2496	2012-12-20 18:52	2008-05-28	Show	GitHub Exploit DB Packet Storm

230312	4.3	警告	TYPO3 Association	-	TYPO3 用の KJ Image Lightbox 2 エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2490	2012-12-20 18:52	2008-05-28	Show	GitHub Exploit DB Packet Storm

230313	7.5	危険	TYPO3 Association	-	TYPO3 用の Frontend プラグインエクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2489	2012-12-20 18:52	2008-05-28	Show	GitHub Exploit DB Packet Storm

230314	6.8	警告	xomol	-	Xomol CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2484	2012-12-20 18:52	2008-05-28	Show	GitHub Exploit DB Packet Storm

230315	6.8	警告	xomol	-	Xomol CMS の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2483	2012-12-20 18:52	2008-05-28	Show	GitHub Exploit DB Packet Storm

230316	10	危険	phpraider	-	phpRaider の authentication/phpbb3/phpbb3.functions.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2481	2012-12-20 18:52	2008-05-28	Show	GitHub Exploit DB Packet Storm

230317	10	危険	plusphp	-	plusPHP Short URL Multi-User Script の plus.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2480	2012-12-20 18:52	2008-05-28	Show	GitHub Exploit DB Packet Storm

230318	7.5	危険	vBulletin Solutions, Inc.	-	vBulletin Gold の faq.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2460	2012-12-20 18:52	2008-05-27	Show	GitHub Exploit DB Packet Storm

230319	7.5	危険	phpclassifiedsscript	-	PHP Classifieds Script における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2453	2012-12-20 18:52	2008-05-27	Show	GitHub Exploit DB Packet Storm

230320	4.3	警告	TYPO3 Association	-	TYPO3 用の Questionaire エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2452	2012-12-20 18:52	2008-05-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294051	-	owncloud	owncloud	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tag parameter to apps/bookmarks/…	CWE-79 Cross-site Scripting	CVE-2013-2041	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

294052	-	owncloud	owncloud	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via …	CWE-79 Cross-site Scripting	CVE-2013-2040	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

294053	-	owncloud	owncloud	Directory traversal vulnerability in lib/files/view.php in ownCloud before 4.0.15, 4.5.x 4.5.11, and 5.x before 5.0.6 allows remote authenticated users to access arbitrary files via unspecified vecto…	CWE-22 Path Traversal	CVE-2013-2039	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

294054	-	owncloud	owncloud	The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via u…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1963	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

294055	-	fruux owncloud	sabredav owncloud	The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, w…	CWE-20 Improper Input Validation	CVE-2013-1939	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

294056	-	owncloud	owncloud	Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.x before 4.5.8, when the user_migrate application is enabled, allows remote authenticated users to import arbit…	NVD-CWE-Other	CVE-2013-1851	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

294057	-	owncloud	owncloud	Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud before 4.0.13 and 4.5.x before 4.5.8 allow remote authenticated users to ex…	CWE-94 Code Injection	CVE-2013-1850	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

294058	-	owncloud	owncloud	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) qu…	CWE-79 Cross-site Scripting	CVE-2013-1822	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

294059	-	opensource_technologies	responsive_logo_slideshow	Cross-site scripting (XSS) vulnerability in the Responsive Logo Slideshow plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the "URL and Image" field.	CWE-79 Cross-site Scripting	CVE-2013-1759	2024-11-21 10:50	2014-03-14	Show	GitHub Exploit DB Packet Storm

294060	-	marekkis	watermark	Cross-site scripting (XSS) vulnerability in the Marekkis Watermark plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pfad parameter to wp-admin/options…	CWE-79 Cross-site Scripting	CVE-2013-1758	2024-11-21 10:50	2014-03-14	Show	GitHub Exploit DB Packet Storm