Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230671	7.5	危険	phpdmca	-	phpDMCA における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2986	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

230672	6.8	警告	tinx cms	-	TinX/cms におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2976	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

230673	4.3	警告	tinx cms	-	TinX/cms の admin/objects/obj_image.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2975	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

230674	7.5	危険	yektaweb	-	AWT YEKTA におけるセッションをハイジャックされる脆弱性	CWE-20 不適切な入力確認	CVE-2008-2970	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

230675	5	警告	yektaweb	-	AWT YEKTA の download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2969	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

230676	7.5	危険	yektaweb	-	AWT YEKTA の rating.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2968	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

230677	4.3	警告	yektaweb	-	AWT YEKTA におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2967	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

230678	7.5	危険	researchguide	-	ResearchGuide の guide.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2964	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

230679	2.6	注意	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2960	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

230680	5.8	警告	Edgewall Software	-	Trac の検索スクリプトにおけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2008-2951	2012-12-20 18:52	2008-07-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291291	-	organic_groups_project	organic_groups	The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7068	2024-11-21 11:00	2014-04-29	Show	GitHub Exploit DB Packet Storm

291292	-	organic_groups_project	organic_groups	The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restrictions and post to arbitrary groups via a group audience field, as demonstrated by the …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7065	2024-11-21 11:00	2014-04-29	Show	GitHub Exploit DB Packet Storm

291293	-	freelance-it-consultant	eu_cookie_compliance	Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated administrators with the "Administer EU Cookie Compliance pop…	CWE-79 Cross-site Scripting	CVE-2013-7064	2024-11-21 11:00	2014-04-29	Show	GitHub Exploit DB Packet Storm

291294	-	invitation_project	invitation	The Invitation module 7.x-2.x for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified default views.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7063	2024-11-21 11:00	2014-04-29	Show	GitHub Exploit DB Packet Storm

291295	-	python apple	python mac_os_x	Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read,…	CWE-20 Improper Input Validation	CVE-2013-7338	2024-11-21 11:00	2014-04-22	Show	GitHub Exploit DB Packet Storm

291296	-	phpfox	phpfox	static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[it…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7196	2024-11-21 11:00	2014-04-19	Show	GitHub Exploit DB Packet Storm

291297	-	phpfox	phpfox	PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass intended "Only Me" restrictions and "like" a publication via a request that specifies the ID for the publication.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7195	2024-11-21 11:00	2014-04-19	Show	GitHub Exploit DB Packet Storm

291298	-	f-secure	email_and_server_security anti-virus server_security	SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Ant…	CWE-89 SQL Injection	CVE-2013-7369	2024-11-21 11:00	2014-04-18	Show	GitHub Exploit DB Packet Storm

291299	-	raoul_proenca	gnew	Multiple cross-site scripting (XSS) vulnerabilities in Gnew 2013.1 allow remote attackers to inject arbitrary web script or HTML via the gnew_template parameter to (1) users/profile.php, (2) articles…	CWE-79 Cross-site Scripting	CVE-2013-7368	2024-11-21 11:00	2014-04-16	Show	GitHub Exploit DB Packet Storm

291300	-	sap	enterprise_portal	SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7367	2024-11-21 11:00	2014-04-11	Show	GitHub Exploit DB Packet Storm