Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233011	6.8	警告	netbizcity	-	FAQMasterFlexPlus における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6634	2012-09-25 16:59	2008-01-3	Show	GitHub Exploit DB Packet Storm

233012	4.3	警告	netbizcity	-	FAQMasterFlexPlus におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6633	2012-09-25 16:59	2008-01-3	Show	GitHub Exploit DB Packet Storm

233013	7.5	危険	lscube	-	LScube libnemesi におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6631	2012-09-25 16:59	2008-01-3	Show	GitHub Exploit DB Packet Storm

233014	6.4	警告	joovili	-	Joovili の joovili.images.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-6621	2012-09-25 16:59	2008-01-3	Show	GitHub Exploit DB Packet Storm

233015	6.4	警告	joovili	-	Joovili の include/images.inc.php におけるディレクトリトラバーサルの脆弱性の脆弱性	CWE-22 パス・トラバーサル	CVE-2007-6620	2012-09-25 16:59	2008-01-3	Show	GitHub Exploit DB Packet Storm

233016	5	警告	Novell	-	Novell IDM 用の Fan-Out Driver Platform Services におけるサービス運用妨害 (DoS) の脆弱性	CWE-134 書式文字列の問題	CVE-2007-6625	2012-09-25 16:59	2007-12-21	Show	GitHub Exploit DB Packet Storm

233017	4.3	警告	Mantis	-	Mantis におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6611	2012-09-25 16:59	2007-12-19	Show	GitHub Exploit DB Packet Storm

233018	4.3	警告	openbiblio	-	OpenBiblio におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6608	2012-09-25 16:59	2007-12-31	Show	GitHub Exploit DB Packet Storm

233019	5	警告	openbiblio	-	OpenBiblio における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-6607	2012-09-25 16:59	2007-12-31	Show	GitHub Exploit DB Packet Storm

233020	5	警告	openbiblio	-	OpenBiblio における設定情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-6606	2012-09-25 16:59	2007-12-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
300241	-	usermin webmin	usermin webmin	Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source c…	CWE-79 Cross-site Scripting	CVE-2006-4542	2017-07-20 10:33	2006-09-6	Show	GitHub Exploit DB Packet Storm

300242	-	usermin webmin	usermin webmin	This vulnerability is addressed in the following product releases: Webmin, Webmin, 1.296 Usermin, Usermin, 1.226	CWE-79 Cross-site Scripting	CVE-2006-4542	2017-07-20 10:33	2006-09-6	Show	GitHub Exploit DB Packet Storm

300243	-	retro64	cr64loader_activex_control	Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors involving an HTML document that references the CLSID of …	NVD-CWE-Other	CVE-2006-4555	2017-07-20 10:33	2006-09-6	Show	GitHub Exploit DB Packet Storm

300244	-	phpnuke	myheadlines	Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the myh_op parameter to modules.php.	NVD-CWE-Other	CVE-2006-4563	2017-07-20 10:33	2006-09-6	Show	GitHub Exploit DB Packet Storm

300245	-	simplemachines	smf	SQL injection vulnerability in Sources/ManageBoards.php in Simple Machines Forum 1.1 RC3 allows remote attackers to execute arbitrary SQL commands via the cur_cat parameter.	CWE-89 SQL Injection	CVE-2006-4564	2017-07-20 10:33	2006-09-6	Show	GitHub Exploit DB Packet Storm

300246	-	simplemachines	smf	Successful exploitation requires privileges to add a new board.	CWE-89 SQL Injection	CVE-2006-4564	2017-07-20 10:33	2006-09-6	Show	GitHub Exploit DB Packet Storm

300247	-	the_address_book	the_address_book	Multiple SQL injection vulnerabilities in The Address Book 1.04e allow remote attackers to execute arbitrary SQL commands via the (1) lastname, (2) firstname, (3) passwordOld, (4) passwordNew, (5) id…	NVD-CWE-Other	CVE-2006-4575	2017-07-20 10:33	2006-12-31	Show	GitHub Exploit DB Packet Storm

300248	-	the_address_book	the_address_book	Cross-site scripting (XSS) vulnerability in The Address Book 1.04e allows remote attackers to inject arbitrary web script or HTML by uploading the HTML file with a GIF or JPG extension, which is rend…	NVD-CWE-Other	CVE-2006-4576	2017-07-20 10:33	2006-12-31	Show	GitHub Exploit DB Packet Storm

300249	-	the_address_book	the_address_book	Multiple cross-site scripting (XSS) vulnerabilities in The Address Book 1.04e allow remote attackers to inject arbitrary web script or HTML via Javascript events in the (1) email, (2) websites, and (…	NVD-CWE-Other	CVE-2006-4577	2017-07-20 10:33	2006-12-31	Show	GitHub Exploit DB Packet Storm

300250	-	the_address_book	the_address_book	export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain se…	NVD-CWE-Other	CVE-2006-4578	2017-07-20 10:33	2006-12-31	Show	GitHub Exploit DB Packet Storm