Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 6, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 230421 | 7.5 | 危険 | spice classifieds | - | Spice Classifieds の index.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-4039 | 2012-12-20 18:52 | 2008-09-11 | Show | GitHub Exploit DB Packet Storm |
| 230422 | 4.3 | 警告 | PunBB | - | PunBB の userlist.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2008-3968 | 2012-12-20 18:52 | 2008-08-20 | Show | GitHub Exploit DB Packet Storm |
| 230423 | 2.6 | 注意 | ssmtp | - | ssmtp の ssmtp.c における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2008-3962 | 2012-12-20 18:52 | 2008-08-10 | Show | GitHub Exploit DB Packet Storm |
| 230424 | 7.5 | 危険 | Vastal I-Tech & Co. | - | Vastal I-Tech Shaadi Zone の keyword_search_action.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-3953 | 2012-12-20 18:52 | 2008-09-10 | Show | GitHub Exploit DB Packet Storm |
| 230425 | 7.5 | 危険 | Vastal I-Tech & Co. | - | Vastal I-Tech Agent Zone の view_ann.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-3951 | 2012-12-20 18:52 | 2008-09-10 | Show | GitHub Exploit DB Packet Storm |
| 230426 | 7.2 | 危険 | SUSE | - | Emacs の emacs/lisp/progmodes/python.el における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2008-3949 | 2012-12-20 18:52 | 2008-09-19 | Show | GitHub Exploit DB Packet Storm |
| 230427 | 7.5 | 危険 | xrms | - | XRMS の admin/users/self-2.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-3948 | 2012-12-20 18:52 | 2008-09-5 | Show | GitHub Exploit DB Packet Storm |
| 230428 | 7.5 | 危険 | source workshop | - | Words タグの index.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-3945 | 2012-12-20 18:52 | 2008-09-5 | Show | GitHub Exploit DB Packet Storm |
| 230429 | 6.9 | 警告 | r foundation | - | javareconf における任意のファイルを上書きされる脆弱性 |
CWE-59
リンク解釈の問題 |
CVE-2008-3931 | 2012-12-20 18:52 | 2008-09-4 | Show | GitHub Exploit DB Packet Storm |
| 230430 | 7.2 | 危険 | tiger | - | genmsgidx の Tiger における任意のファイルを上書きされる脆弱性 |
CWE-59
リンク解釈の問題 |
CVE-2008-3927 | 2012-12-20 18:52 | 2008-09-4 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 6, 2026, 4:18 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 294871 | 7.5 |
HIGH
Network |
zavio |
f3105_firmware f312a_firmware |
An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sen… |
CWE-798
Use of Hard-coded Credentials |
CVE-2013-2567 | 2024-11-21 10:51 | 2020-01-30 | Show | GitHub Exploit DB Packet Storm |
| 294872 | 9.8 |
CRITICAL
Network |
hcomm | xpient_iris | Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the… |
CWE-20
Improper Input Validation |
CVE-2013-2571 | 2024-11-21 10:51 | 2020-01-29 | Show | GitHub Exploit DB Packet Storm |
| 294873 | 7.5 |
HIGH
Network |
simplehrm | simplehrm | SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie. |
CWE-200
Information Exposure |
CVE-2013-2499 | 2024-11-21 10:51 | 2020-01-28 | Show | GitHub Exploit DB Packet Storm |
| 294874 | 7.5 |
HIGH
Network |
aws-dms | aws_xms | Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter. |
CWE-22
Path Traversal |
CVE-2013-2474 | 2024-11-21 10:51 | 2020-01-28 | Show | GitHub Exploit DB Packet Storm |
| 294875 | 7.2 |
HIGH
Network |
fudforum | fudforum | PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. |
CWE-94
Code Injection |
CVE-2013-2267 | 2024-11-21 10:51 | 2020-01-28 | Show | GitHub Exploit DB Packet Storm |
| 294876 | 7.1 |
HIGH
Local |
monkey-project | monkey | Monkey HTTP Daemon has local security bypass |
CWE-668
Exposure of Resource to Wrong Sphere |
CVE-2013-2183 | 2024-11-21 10:51 | 2019-12-11 | Show | GitHub Exploit DB Packet Storm |
| 294877 | 9.8 |
CRITICAL
Network |
openstack redhat debian |
python-keystoneclient openstack debian_linux |
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass |
CWE-345
Insufficient Verification of Data Authenticity |
CVE-2013-2167 | 2024-11-21 10:51 | 2019-12-11 | Show | GitHub Exploit DB Packet Storm |
| 294878 | 9.8 |
CRITICAL
Network |
openstack redhat fedoraproject debian |
python-keystoneclient openstack fedora debian_linux |
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass |
CWE-326
Inadequate Encryption Strength |
CVE-2013-2166 | 2024-11-21 10:51 | 2019-12-11 | Show | GitHub Exploit DB Packet Storm |
| 294879 | 9.8 |
CRITICAL
Network |
monkey-project | monkey | Monkey HTTP Daemon: broken user name authentication |
CWE-287
Improper Authentication |
CVE-2013-2159 | 2024-11-21 10:51 | 2019-12-11 | Show | GitHub Exploit DB Packet Storm |
| 294880 | 9.8 |
CRITICAL
Network |
openshift-origin-controller_project | openshift-origin-controller | rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection |
CWE-74
Injection |
CVE-2013-2095 | 2024-11-21 10:51 | 2019-12-10 | Show | GitHub Exploit DB Packet Storm |