Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231461	10	危険	stephen craton	-	Stephen Craton Chatness の admin/options.php における classes/vars.php などの設定ファイルを読まれる脆弱性	-	CVE-2007-2147	2012-12-20 18:19	2007-04-19	Show	GitHub Exploit DB Packet Storm

231462	7.5	危険	shoutpro	-	ShoutPro の shoutbox.php における shouts.php へ任意の PHP コードを挿入される脆弱性	-	CVE-2007-2141	2012-12-20 18:19	2007-04-19	Show	GitHub Exploit DB Packet Storm

231463	7.5	危険	rha7 downloads	-	XOOPS 用の rha7downloads モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-2107	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

231464	6.8	警告	wabbit	-	Wabbit PHP Gallery の showpic.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2098	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

231465	7.5	危険	tsdisplay4xoops	-	TSD4XOOPS の blocks/tsdisplay4xoops_block2.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2091	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

231466	6.8	警告	tumusika evolution	-	TuMusika Evolution の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2090	2012-12-20 18:19	2007-04-18	Show	GitHub Exploit DB Packet Storm

231467	7.5	危険	pl-php	-	pL-PHP の admin.php における認証を回避される脆弱性	-	CVE-2007-2007	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

231468	7.5	危険	pl-php	-	pL-PHP の login.php における SQL インジェクションの脆弱性	-	CVE-2007-2006	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

231469	7.5	危険	raphael limbach	-	Crea-Book の admin/admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-2000	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

231470	4.3	警告	Youngzsoft	-	CmailServer WebMail の mail/signup.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1991	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291571	-	owncloud	owncloud	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tag parameter to apps/bookmarks/…	CWE-79 Cross-site Scripting	CVE-2013-2041	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

291572	-	owncloud	owncloud	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via …	CWE-79 Cross-site Scripting	CVE-2013-2040	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

291573	-	owncloud	owncloud	Directory traversal vulnerability in lib/files/view.php in ownCloud before 4.0.15, 4.5.x 4.5.11, and 5.x before 5.0.6 allows remote authenticated users to access arbitrary files via unspecified vecto…	CWE-22 Path Traversal	CVE-2013-2039	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

291574	-	owncloud	owncloud	The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via u…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1963	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

291575	-	fruux owncloud	sabredav owncloud	The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, w…	CWE-20 Improper Input Validation	CVE-2013-1939	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

291576	-	owncloud	owncloud	Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.x before 4.5.8, when the user_migrate application is enabled, allows remote authenticated users to import arbit…	NVD-CWE-Other	CVE-2013-1851	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

291577	-	owncloud	owncloud	Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud before 4.0.13 and 4.5.x before 4.5.8 allow remote authenticated users to ex…	CWE-94 Code Injection	CVE-2013-1850	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

291578	-	owncloud	owncloud	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) qu…	CWE-79 Cross-site Scripting	CVE-2013-1822	2024-11-21 10:50	2014-03-15	Show	GitHub Exploit DB Packet Storm

291579	-	opensource_technologies	responsive_logo_slideshow	Cross-site scripting (XSS) vulnerability in the Responsive Logo Slideshow plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the "URL and Image" field.	CWE-79 Cross-site Scripting	CVE-2013-1759	2024-11-21 10:50	2014-03-14	Show	GitHub Exploit DB Packet Storm

291580	-	marekkis	watermark	Cross-site scripting (XSS) vulnerability in the Marekkis Watermark plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pfad parameter to wp-admin/options…	CWE-79 Cross-site Scripting	CVE-2013-1758	2024-11-21 10:50	2014-03-14	Show	GitHub Exploit DB Packet Storm