Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232751 4.3 警告 ikiwiki - Ikiwiki の htmlscrubber におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0809 2012-09-25 16:59 2008-02-18 Show GitHub Exploit DB Packet Storm
232752 4.3 警告 ikiwiki - Ikiwiki の meta プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0808 2012-09-25 16:59 2008-02-18 Show GitHub Exploit DB Packet Storm
232753 4.9 警告 Horde - Horde Groupware などの turba2 Contact Manager におけるアドレスデータを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0807 2012-09-25 16:59 2008-02-15 Show GitHub Exploit DB Packet Storm
232754 3.6 注意 paul pelzl - wyred における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-0806 2012-09-25 16:59 2008-02-18 Show GitHub Exploit DB Packet Storm
232755 7.5 危険 lookstrike - LookStrike Lan Manager における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0803 2012-09-25 16:59 2008-02-15 Show GitHub Exploit DB Packet Storm
232756 7.5 危険 mediaslide
Joomla!		 - Joomla! 用の MediaSlide コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0802 2012-09-25 16:59 2008-02-15 Show GitHub Exploit DB Packet Storm
232757 7.5 危険 paxxgallery - Mambo および Joomla! 用の PAXXGallery コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0801 2012-09-25 16:59 2008-02-15 Show GitHub Exploit DB Packet Storm
232758 7.5 危険 Joomla! - Joolma! 用の McQuiz コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0800 2012-09-25 16:59 2008-02-15 Show GitHub Exploit DB Packet Storm
232759 7.5 危険 Mambo Foundation
Joomla!		 - Mambo および Joomla! 用の Quiz における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0799 2012-09-25 16:59 2008-02-15 Show GitHub Exploit DB Packet Storm
232760 5 警告 itheora - iTheora の lib/download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0797 2012-09-25 16:59 2008-02-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
300131 - stefan_ernst newsscript Multiple direct static code injection vulnerabilities in add_go.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote attackers to execute arbitrary PHP code via the (1) description, (2)… NVD-CWE-Other
CVE-2006-4768 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
300132 - sun storedge_6130_arrays Sun StorEdge 6130 Array Controllers with firmware 06.12.10.11 and earlier allow remote attackers to cause a denial of service (controller reboot) via a flood of traffic on the LAN. NVD-CWE-Other
CVE-2006-4773 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
300133 - webspell webspell SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the squadID parameter. NVD-CWE-Other
CVE-2006-4783 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
300134 - webspell webspell Successful exploitation requires that "magic_quotes_gpc" is disabled. NVD-CWE-Other
CVE-2006-4783 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
300135 - moodle moodle Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or … NVD-CWE-Other
CVE-2006-4784 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
300136 - moodle moodle Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php and (2) other unspecified vectors involving scheduled backups. NVD-CWE-Other
CVE-2006-4786 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
300137 - alphamail alphamail AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained fr… NVD-CWE-Other
CVE-2006-4787 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
300138 - dws_systems_inc. sql-ledger SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history. NVD-CWE-Other
CVE-2006-4798 2017-07-20 10:33 2006-09-15 Show GitHub Exploit DB Packet Storm
300139 - enlightenment imlib2 Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loa… NVD-CWE-Other
CVE-2006-4806 2017-07-20 10:33 2006-11-7 Show GitHub Exploit DB Packet Storm
300140 - enlightenment imlib2 loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds mem… NVD-CWE-Other
CVE-2006-4807 2017-07-20 10:33 2006-11-7 Show GitHub Exploit DB Packet Storm