Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232201 5 警告 siteatschool - S@S の starnet/editors/htmlarea/popups/images.php における実行可能な拡張子を伴う任意のファイルをアップロードされる脆弱性 - CVE-2006-4922 2012-12-20 18:02 2006-09-20 Show GitHub Exploit DB Packet Storm
232202 7.5 危険 siteatschool - S@S における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4921 2012-12-20 18:02 2006-09-20 Show GitHub Exploit DB Packet Storm
232203 7.5 危険 siteatschool - S@S における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4920 2012-12-20 18:02 2006-09-20 Show GitHub Exploit DB Packet Storm
232204 2.6 注意 siteatschool - S@S の starnet/editors/htmlarea/popups/images.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4919 2012-12-20 18:02 2006-09-20 Show GitHub Exploit DB Packet Storm
232205 7.5 危険 simple discussion board - Simple Discussion Board における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4918 2012-12-20 18:02 2006-09-20 Show GitHub Exploit DB Packet Storm
232206 4.3 警告 pt news - PT News の search.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4917 2012-12-20 18:02 2006-09-20 Show GitHub Exploit DB Packet Storm
232207 7.5 危険 Qualiteam Software Limited - Qualiteam X-Cart の cmpi.php における任意のプログラム変数を上書きされる脆弱性 - CVE-2006-4904 2012-12-20 18:02 2006-09-20 Show GitHub Exploit DB Packet Storm
232208 10 危険 シマンテック - Symantec Veritas NetBackup の NetBackup bpcd デーモンにおける任意のコマンドを実行される脆弱性 - CVE-2006-4902 2012-12-20 18:02 2006-12-13 Show GitHub Exploit DB Packet Storm
232209 7.5 危険 phpbb xs - phpBB XS の bb_usage_stats/includes/bb_usage_stats.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4893 2012-12-20 18:02 2006-09-19 Show GitHub Exploit DB Packet Storm
232210 7.5 危険 techno dreams - Techno Dreams FAQ Manager Package の faqview.asp における SQL インジェクションの脆弱性 - CVE-2006-4892 2012-12-20 18:02 2006-09-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293781 - thomas_seidl search_api Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for request… CWE-352
 Origin Validation Error 		CVE-2012-5547 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293782 - rob_loach sharethis Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis module 7.x-2.x before 7.x-2.5 for Drupal allow remote authenticated users with the "administer sharethis" permission to inject arb… CWE-79
Cross-site Scripting 		CVE-2012-5545 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293783 - thinkshout mandrill The Mandrill module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to obtain password reset links by reading the logs in the Mandrill dashboard. CWE-200
Information Exposure 		CVE-2012-5544 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293784 - feeds_project feeds The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes vi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5543 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293785 - pedro_cambra commerce_extra_panes Cross-site request forgery (CSRF) vulnerability in the Commerce Extra Panes module 7.x-1.x before 7.x-1.1 in Drupal allows remote attackers to hijack the authentication of administrators for requests… CWE-352
 Origin Validation Error 		CVE-2012-5542 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293786 - twitter_pull_project twitter_pull Cross-site scripting (XSS) vulnerability in the Twitter Pull module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.0-rc3 for Drupal allows remote attackers to inject arbitrary web script or HTML via… CWE-79
Cross-site Scripting 		CVE-2012-5541 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293787 - tekritisoftware hostip Multiple cross-site scripting (XSS) vulnerabilities in the Hostip module 6.x-2.x before 6.x-2.2 and 7.x-2.x before 7.x-2.2 for Drupal allow remote attackers with control of hostip.info to inject arbi… CWE-79
Cross-site Scripting 		CVE-2012-5540 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293788 - organic_groups_project organic_groups The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5539 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293789 - nathan_haug filefield_sources Cross-site scripting (XSS) vulnerability in the FileField Sources module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.6 for Drupal, when the field has "Reference existing" source enabled, allows r… CWE-79
Cross-site Scripting 		CVE-2012-5538 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm
293790 - simplenews_scheduler_project simplenews_scheduler The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling f… CWE-94
Code Injection 		CVE-2012-5537 2024-11-21 10:44 2012-12-4 Show GitHub Exploit DB Packet Storm