Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232191	3.5	注意	Mantis	-	Mantis の return_dynamic_filters.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3331	2012-09-25 17:17	2008-07-27	Show	GitHub Exploit DB Packet Storm

232192	4.3	警告	Moodle	-	Moodle における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-3327	2012-09-25 17:17	2008-07-16	Show	GitHub Exploit DB Packet Storm

232193	2.6	注意	Moodle	-	Moodle の blog/edit.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3326	2012-09-25 17:17	2008-07-16	Show	GitHub Exploit DB Packet Storm

232194	6	警告	Moodle	-	Moodle におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-3325	2012-09-25 17:17	2008-07-25	Show	GitHub Exploit DB Packet Storm

232195	7.6	危険	party gaming	-	PartyGaming PartyPoker クライアントプログラムにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-3324	2012-09-25 17:17	2008-08-18	Show	GitHub Exploit DB Packet Storm

232196	7.5	危険	maian	-	Maian Recipe の admin/index.php における管理アクセス権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3322	2012-09-25 17:17	2008-07-25	Show	GitHub Exploit DB Packet Storm

232197	7.5	危険	David Ian Bennett	-	Maian Uploader の admin/index.php における管理アクセス権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3321	2012-09-25 17:17	2008-07-25	Show	GitHub Exploit DB Packet Storm

232198	7.5	危険	maian	-	Maian Guestbook の admin/index.php における管理アクセス権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3320	2012-09-25 17:17	2008-07-25	Show	GitHub Exploit DB Packet Storm

232199	7.5	危険	maian	-	Maian Links の admin/index.php における管理アクセス権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3319	2012-09-25 17:17	2008-07-25	Show	GitHub Exploit DB Packet Storm

232200	7.5	危険	maian	-	Maian Weblog の admin/index.php における管理アクセス権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3318	2012-09-25 17:17	2008-07-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
299991	-	adobe	coldfusion	Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error pa…	NVD-CWE-Other	CVE-2006-4726	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm

299992	-	tumbleweed	email_firewall	Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration Module 6.2.2 Build 4123, and possibly other versions before 6.3.2, allows remote attackers to injec…	CWE-79 Cross-site Scripting	CVE-2006-4727	2017-07-20 10:33	2006-12-31	Show	GitHub Exploit DB Packet Storm

299993	-	benjamin_pasero_and_tobias_eichert	rssowl	Multiple cross-site scripting (XSS) vulnerabilities in Benjamin Pasero and Tobias Eichert RSSOwl allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certa…	NVD-CWE-Other	CVE-2006-4760	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm

299994	-	luke_hutteman	sharpreader	Multiple cross-site scripting (XSS) vulnerabilities in Luke Hutteman SharpReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of…	NVD-CWE-Other	CVE-2006-4761	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm

299995	-	rssreader	rssreader	Multiple cross-site scripting (XSS) vulnerabilities in Ykoon RssReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Rober…	NVD-CWE-Other	CVE-2006-4762	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm

299996	-	stefan_ernst	newsscript	Multiple directory traversal vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5beta allow remote attackers to (1) read arbitrary local files via a .. (dot dot) sequence in the ide parameter…	NVD-CWE-Other	CVE-2006-4767	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm

299997	-	stefan_ernst	newsscript	Multiple direct static code injection vulnerabilities in add_go.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote attackers to execute arbitrary PHP code via the (1) description, (2)…	NVD-CWE-Other	CVE-2006-4768	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm

299998	-	sun	storedge_6130_arrays	Sun StorEdge 6130 Array Controllers with firmware 06.12.10.11 and earlier allow remote attackers to cause a denial of service (controller reboot) via a flood of traffic on the LAN.	NVD-CWE-Other	CVE-2006-4773	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm

299999	-	webspell	webspell	SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the squadID parameter.	NVD-CWE-Other	CVE-2006-4783	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm

300000	-	webspell	webspell	Successful exploitation requires that "magic_quotes_gpc" is disabled.	NVD-CWE-Other	CVE-2006-4783	2017-07-20 10:33	2006-09-14	Show	GitHub Exploit DB Packet Storm