Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230741 7.5 危険 phptree - PHPtree の plugin/HP_DEV/cms2.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2573 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
230742 7.5 危険 XOOPS - XOOPS 用の wfquotes モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-2571 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
230743 7.5 危険 practical creative and code - Friendly における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2569 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
230744 9.3 危険 vcdgear - VCDGear におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2568 2012-12-20 18:19 2007-05-16 Show GitHub Exploit DB Packet Storm
230745 9.3 危険 taltech - Taltech Tal Bar Code ActiveX コントロールの SaveBarCode 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-2567 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
230746 5 警告 taltech - Taltech Tal Bar Code ActiveX コントロールの SaveBarCode 関数におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2566 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
230747 10 危険 sienzo - Sienzo DMM ActiveX コントロール におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2564 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
230748 9.3 危険 versalsoft - VersalSoft HTTP File Upload ActiveX コントロール の AddFile 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-2563 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
230749 4.3 警告 podium cms - Podium CMS の Default.aspx におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-2555 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
230750 5 警告 Wikka Development Team - WikkaWiki の RecentChanges 機能における非公開ページの名前などを取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-2552 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292221 - sun sunos Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server (in.rexecd). NVD-CWE-noinfo
CVE-2013-0398 2024-11-21 10:47 2013-07-17 Show GitHub Exploit DB Packet Storm
292222 - drupal drupal The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of othe… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-0246 2024-11-21 10:47 2013-07-17 Show GitHub Exploit DB Packet Storm
292223 - drupal drupal The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x before 7.19 does not properly restrict access to node that are part of a book outline, which allows rem… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-0245 2024-11-21 10:47 2013-07-17 Show GitHub Exploit DB Packet Storm
292224 - moxiecode
wordpress
fedoraproject 		plupload
wordpress
fedora 		Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web scrip… CWE-79
Cross-site Scripting 		CVE-2013-0237 2024-11-21 10:47 2013-07-9 Show GitHub Exploit DB Packet Storm
292225 - wordpress wordpress Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the con… CWE-79
Cross-site Scripting 		CVE-2013-0236 2024-11-21 10:47 2013-07-9 Show GitHub Exploit DB Packet Storm
292226 - wordpress wordpress The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, relat… NVD-CWE-Other
CVE-2013-0235 2024-11-21 10:47 2013-07-9 Show GitHub Exploit DB Packet Storm
292227 - ibm business_process_manager Multiple cross-site scripting (XSS) vulnerabilities in IBM Business Process Manager (BPM) 7.5.1.x, 8.0.0.x, and 8.0.1 before FP1 allow remote authenticated users to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting 		CVE-2013-0581 2024-11-21 10:47 2013-07-6 Show GitHub Exploit DB Packet Storm
292228 - ibm sterling_b2b_integrator
sterling_file_gateway 		IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors… CWE-200
Information Exposure 		CVE-2013-0568 2024-11-21 10:47 2013-07-3 Show GitHub Exploit DB Packet Storm
292229 - ibm sterling_b2b_integrator
sterling_file_gateway 		IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors… CWE-200
Information Exposure 		CVE-2013-0567 2024-11-21 10:47 2013-07-3 Show GitHub Exploit DB Packet Storm
292230 - ibm sterling_b2b_integrator
sterling_file_gateway 		Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecif… CWE-89
SQL Injection 		CVE-2013-0560 2024-11-21 10:47 2013-07-3 Show GitHub Exploit DB Packet Storm