Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233111 7.5 危険 Powie - Powie pLink の linkto.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4357 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233112 7.5 危険 Powie - Powie PSCRIPT Forum の showprofil.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4355 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233113 7.5 危険 phpsmartcom - phpSmartCom の inc/pages/viewprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4352 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233114 7.5 危険 phpsmartcom - phpSmartCom の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4351 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233115 7.5 危険 vblogix - vbLOGIX Tutorial Script の main.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4350 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233116 4.3 警告 s0nic - s0nic Paranews の news.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4349 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233117 7.5 危険 Powie - Powie pNews の newskom.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4347 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233118 7.5 危険 talkback - TalkBack におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4346 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233119 7.5 危険 webportal - WebPortal CMS の download.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4345 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
233120 6 警告 vacilanda - Drupal 用の Brilliant Gallery モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4338 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291491 - openx openx Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL i… NVD-CWE-Other
CVE-2014-2230 2024-11-21 11:05 2014-10-23 Show GitHub Exploit DB Packet Storm
291492 - iii vtls-virtua Multiple SQL injection vulnerabilities in the login in web_reports/cgi-bin/InfoStation.cgi in Innovative vtls-Virtua before 2013.2.4 and 2014.x before 2014.1.1 allow remote attackers to execute arbit… CWE-89
SQL Injection 		CVE-2014-2081 2024-11-21 11:05 2014-10-21 Show GitHub Exploit DB Packet Storm
291493 - seeddms seeddms Multiple directory traversal vulnerabilities in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allow (1) remote authenticated users with access to the LogManagement functionality to read arbitrary… CWE-22
Path Traversal 		CVE-2014-2279 2024-11-21 11:05 2014-10-18 Show GitHub Exploit DB Packet Storm
291494 - seeddms seeddms Unrestricted file upload vulnerability in op/op.AddFile2.php in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to execute arbitrary code by uploading a file with an executa… CWE-20
 Improper Input Validation  		CVE-2014-2278 2024-11-21 11:05 2014-10-18 Show GitHub Exploit DB Packet Storm
291495 - jenkins jenkins The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensit… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-2068 2024-11-21 11:05 2014-10-18 Show GitHub Exploit DB Packet Storm
291496 - jenkins jenkins Session fixation vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack web sessions via vectors involving the "override" of Jenkins cookies. CWE-287
Improper Authentication 		CVE-2014-2066 2024-11-21 11:05 2014-10-18 Show GitHub Exploit DB Packet Storm
291497 - jenkins jenkins Cross-site scripting (XSS) vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie. CWE-79
Cross-site Scripting 		CVE-2014-2065 2024-11-21 11:05 2014-10-18 Show GitHub Exploit DB Packet Storm
291498 - jenkins jenkins The loadUserByUsername function in hudson/security/HudsonPrivateSecurityRealm.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to determine whether a user exists via vector… CWE-200
Information Exposure 		CVE-2014-2064 2024-11-21 11:05 2014-10-18 Show GitHub Exploit DB Packet Storm
291499 - jenkins jenkins Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors. NVD-CWE-noinfo
CVE-2014-2063 2024-11-21 11:05 2014-10-18 Show GitHub Exploit DB Packet Storm
291500 - jenkins jenkins Jenkins before 1.551 and LTS before 1.532.2 does not invalidate the API token when a user is deleted, which allows remote authenticated users to retain access via the token. CWE-287
Improper Authentication 		CVE-2014-2062 2024-11-21 11:05 2014-10-18 Show GitHub Exploit DB Packet Storm