Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231211 7.8 危険 Phpcms - phpCMS の parser/include/class.cache_phpcms.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0513 2012-12-20 18:34 2008-01-31 Show GitHub Exploit DB Packet Storm
231212 6.8 警告 WordPress.org - WordPress 用の Dean's Permalinks Migration プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-0508 2012-12-20 18:34 2008-01-31 Show GitHub Exploit DB Packet Storm
231213 7.5 危険 WordPress.org - WordPress 用の AdServe プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0507 2012-12-20 18:34 2008-01-31 Show GitHub Exploit DB Packet Storm
231214 5.8 警告 加藤和良 - phpMyClub におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0501 2012-12-20 18:34 2008-01-30 Show GitHub Exploit DB Packet Storm
231215 7.5 危険 WordPress.org - WordPress 用の fGallery プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0491 2012-12-20 18:34 2008-01-30 Show GitHub Exploit DB Packet Storm
231216 7.5 危険 WordPress.org - WordPress 用の WP-Cal プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0490 2012-12-20 18:34 2008-01-30 Show GitHub Exploit DB Packet Storm
231217 7.5 危険 vb marketing - VB Marketing の tseekdir.cgi におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0488 2012-12-20 18:34 2008-01-30 Show GitHub Exploit DB Packet Storm
231218 7.5 危険 the net guys - ASPired2Protect の login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0487 2012-12-20 18:34 2008-01-30 Show GitHub Exploit DB Packet Storm
231219 5 警告 webwiz - Web Wiz Rich Text Editor の RTE_file_browser.asp におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0481 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
231220 5 警告 webwiz - Web Wiz Forums におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0480 2012-12-20 18:34 2008-01-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291221 - christos_zoulas
php
debian 		file
php
debian_linux 		The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to ca… NVD-CWE-noinfo
CVE-2013-7345 2024-11-21 11:00 2014-03-25 Show GitHub Exploit DB Packet Storm
291222 - owncloud owncloud Unspecified vulnerability in core/settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue … NVD-CWE-noinfo
CVE-2013-7344 2024-11-21 11:00 2014-03-25 Show GitHub Exploit DB Packet Storm
291223 - flowplayer flowplayer_html5 Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback para… CWE-79
Cross-site Scripting 		CVE-2013-7342 2024-11-21 11:00 2014-03-24 Show GitHub Exploit DB Packet Storm
291224 - flowplayer flowplayer_html5 Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.3 allows remote attackers to inject arbitrary web script or HTML by using URL encoding… CWE-79
Cross-site Scripting 		CVE-2013-7343 2024-11-21 11:00 2014-03-24 Show GitHub Exploit DB Packet Storm
291225 - flowplayer
moodle 		flowplayer_flash
moodle 		Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote a… CWE-79
Cross-site Scripting 		CVE-2013-7341 2024-11-21 11:00 2014-03-24 Show GitHub Exploit DB Packet Storm
291226 - videolan vlc_media_player VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file. CWE-399
 Resource Management Errors 		CVE-2013-7340 2024-11-21 11:00 2014-03-21 Show GitHub Exploit DB Packet Storm
291227 - imagecms imagecms Cross-site request forgery (CSRF) vulnerability in ImageCMS before 4.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the q… CWE-352
 Origin Validation Error 		CVE-2013-7334 2024-11-21 11:00 2014-03-12 Show GitHub Exploit DB Packet Storm
291228 - citrix netscaler_application_delivery_controller_firmware Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors… CWE-94
Code Injection 		CVE-2013-6943 2024-11-21 11:00 2014-03-11 Show GitHub Exploit DB Packet Storm
291229 - citrix netscaler_application_delivery_controller_firmware Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 b… CWE-79
Cross-site Scripting 		CVE-2013-6944 2024-11-21 11:00 2014-03-11 Show GitHub Exploit DB Packet Storm
291230 - citrix netscaler_application_delivery_controller_firmware Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell vi… NVD-CWE-noinfo
CVE-2013-6941 2024-11-21 11:00 2014-03-11 Show GitHub Exploit DB Packet Storm