Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233121 7.5 危険 viksoe - viksoe GMail Drive シェルエクステンションにおける仮想ファイルシステムのアクションを実行される脆弱性 - CVE-2006-5902 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
233122 6.8 警告 Zend Technologies Ltd. - Zend Framework Preview の incubator/tests/Zend/Http/_files/testRedirections.php サンプルコードにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5900 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
233123 5 警告 php heaven - PhpMyChat の localization/languages.lib.php3 におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5898 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
233124 5 警告 php heaven - PhpMyChat Plus におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2006-5897 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
233125 5 警告 remlab - REMLAB Web Mech Designer におけるスクリプトのフルパスを取得される脆弱性 - CVE-2006-5896 2012-12-20 18:02 2006-11-27 Show GitHub Exploit DB Packet Storm
233126 6.8 警告 rama cms - Rama CMS の lang.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5894 2012-12-20 18:02 2006-11-14 Show GitHub Exploit DB Packet Storm
233127 7.5 危険 the net guys - The Net Guys ASPired2Poll の MoreInfo.asp における SQL インジェクションの脆弱性 - CVE-2006-5892 2012-12-20 18:02 2006-11-14 Show GitHub Exploit DB Packet Storm
233128 7.5 危険 superfreaker studios - Superfreaker Studios Ustore の detail.asp における SQL インジェクションの脆弱性 - CVE-2006-5891 2012-12-20 18:02 2006-11-14 Show GitHub Exploit DB Packet Storm
233129 7.5 危険 superfreaker studios - Superfreaker Studios Usupport の detail.asp における SQL インジェクションの脆弱性 - CVE-2006-5890 2012-12-20 18:02 2006-11-14 Show GitHub Exploit DB Packet Storm
233130 7.5 危険 superfreaker studios - Superfreaker Studios UPublisher の viewarticle.asp における SQL インジェクションの脆弱性 - CVE-2006-5888 2012-12-20 18:02 2006-11-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293421 - gwos groundwork_monitor html/System-NeDi.php in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the scan functionality in… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-3509 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293422 - gwos groundwork_monitor html/System-Files.php in the System File Overview feature in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands via vectors invo… CWE-94
Code Injection 		CVE-2013-3508 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293423 - gwos groundwork_monitor The NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to obtain sensitive information via a direct request for (1) a configuration file, (2) a database dump, or … CWE-200
Information Exposure 		CVE-2013-3507 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293424 - gwos groundwork_monitor cgi-bin/performance/perfchart.cgi in the Performance component in GroundWork Monitor Enterprise 6.7.0 does not properly restrict XML content, which allows remote attackers to execute arbitrary comman… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-3506 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293425 - gwos groundwork_monitor The Nagios-App component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to bypass intended access restrictions via a direct request for a (1) log file or (2) configuration f… CWE-255
Credentials Management 		CVE-2013-3505 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293426 - gwos groundwork_monitor Directory traversal vulnerability in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to overwrite arbitrary files by leveraging access to… CWE-22
Path Traversal 		CVE-2013-3504 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293427 - gwos groundwork_monitor The Profile Importer feature in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to read arbitrary files via an XML document containing an… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-3503 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293428 - gwos groundwork_monitor monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by lev… CWE-255
Credentials Management 		CVE-2013-3502 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293429 - gwos groundwork_monitor Multiple cross-site scripting (XSS) vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the foundation-weba… CWE-79
Cross-site Scripting 		CVE-2013-3501 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
293430 - gwos groundwork_monitor The Foundation webapp admin interface in GroundWork Monitor Enterprise 6.7.0 uses the nagios account as the owner of writable files under /usr/local/groundwork, which allows context-dependent attacke… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-3500 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm