Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232981	6.4	警告	Bharat Mediratta	-	Menalto Gallery におけるオープンリダイレクトの脆弱性	CWE-59 リンク解釈の問題	CVE-2007-6692	2012-09-25 16:59	2007-12-24	Show	GitHub Exploit DB Packet Storm

232982	10	危険	Bharat Mediratta	-	Menalto Gallery における脆弱性	CWE-noinfo 情報不足	CVE-2007-6691	2012-09-25 16:59	2007-12-24	Show	GitHub Exploit DB Packet Storm

232983	10	危険	Bharat Mediratta	-	Menalto Gallery の Gallery Remote モジュールにおける脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6690	2012-09-25 16:59	2007-12-24	Show	GitHub Exploit DB Packet Storm

232984	7.5	危険	Bharat Mediratta	-	Menalto Gallery における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2007-6689	2012-09-25 16:59	2007-12-24	Show	GitHub Exploit DB Packet Storm

232985	10	危険	Bharat Mediratta	-	Menalto Gallery のインストールアプリケーションにおける脆弱性	CWE-noinfo 情報不足	CVE-2007-6688	2012-09-25 16:59	2007-12-24	Show	GitHub Exploit DB Packet Storm

232986	4.3	警告	Bharat Mediratta	-	Menalto Gallery におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6687	2012-09-25 16:59	2007-12-24	Show	GitHub Exploit DB Packet Storm

232987	10	危険	Bharat Mediratta	-	Menalto Gallery の URL rewrite モジュールにおける任意のローカルファイルを実行される脆弱性	CWE-DesignError CWE-noinfo	CVE-2007-6686	2012-09-25 16:59	2007-12-24	Show	GitHub Exploit DB Packet Storm

232988	2.1	注意	IBM	-	IBM AIX の Trusted Execution における信頼済みファイルを変更される脆弱性	CWE-DesignError	CVE-2007-6680	2012-09-25 16:59	2008-01-10	Show	GitHub Exploit DB Packet Storm

232989	4.3	警告	peters software WordPress.org	-	WordPress 用の Peter's Random Anti-Spam Image におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6677	2012-09-25 16:59	2008-01-9	Show	GitHub Exploit DB Packet Storm

232990	4.3	警告	makale scripti	-	Makale Scripti におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6673	2012-09-25 16:59	2008-01-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
300151	-	lucas_rodriguez_san_pedro	yet_another_news_system	Multiple SQL injection vulnerabilities in the login_user function in yans.func.php in Lucas Rodriguez San Pedro Yet Another News System (YANS) 0.2b allow remote attackers to execute arbitrary SQL com…	NVD-CWE-Other	CVE-2006-5908	2017-07-20 10:34	2006-11-16	Show	GitHub Exploit DB Packet Storm

300152	-	vallheru	vallheru	Multiple SQL injection vulnerabilities in mail.php in Vallheru before 1.0.7 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) to parameters. NOTE: some of these details …	NVD-CWE-Other	CVE-2006-5926	2017-07-20 10:34	2006-11-16	Show	GitHub Exploit DB Packet Storm

300153	-	kahua	kahua	Kahua before 0.7, when running multiple applications under a single supervisor, grants application access on the basis of username instead of username and database name, which allows remote authentic…	NVD-CWE-Other	CVE-2006-5932	2017-07-20 10:34	2006-11-16	Show	GitHub Exploit DB Packet Storm

300154	-	shopsystems	shopsystems	SQL injection vulnerability in index.php in ShopSystems 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the sessid parameter.	NVD-CWE-Other	CVE-2006-5935	2017-07-20 10:34	2006-11-16	Show	GitHub Exploit DB Packet Storm

300155	-	grisoft	avg_antivirus	Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a crafted CAB file.	CWE-20 Improper Input Validation	CVE-2006-5938	2017-07-20 10:34	2006-11-16	Show	GitHub Exploit DB Packet Storm

300156	-	grisoft	avg_antivirus	Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers a divide-by-zero error. NOTE: some of these details are obtain…	CWE-369 Divide By Zero	CVE-2006-5939	2017-07-20 10:34	2006-11-16	Show	GitHub Exploit DB Packet Storm

300157	-	conxint	conxint_ftp_server	Multiple directory traversal vulnerabilities in Conxint FTP Server 2.2.0603, and possibly earlier, allow remote attackers to read arbitrary files and list arbitrary directories via directory traversa…	NVD-CWE-Other	CVE-2006-5947	2017-07-20 10:34	2006-11-17	Show	GitHub Exploit DB Packet Storm

300158	-	altools	alftp_ftp_server	Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote attackers to create arbitrary directories via directory traversal sequences in a MKD requ…	NVD-CWE-Other	CVE-2006-5949	2017-07-20 10:34	2006-11-17	Show	GitHub Exploit DB Packet Storm

300159	-	altools	alftp_ftp_server	Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN comman…	NVD-CWE-Other	CVE-2006-5950	2017-07-20 10:34	2006-11-17	Show	GitHub Exploit DB Packet Storm

300160	-	web_inhabit	a\+_store_e-commerce	SQL injection vulnerability in browse.asp in A+ Store E-Commerce allows remote attackers to execute arbitrary SQL commands via the ParentID parameter.	NVD-CWE-Other	CVE-2006-5959	2017-07-20 10:34	2006-11-17	Show	GitHub Exploit DB Packet Storm