Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233151	10	危険	short url url tracker script	-	Yourfreeworld.com Short Url & Url Tracker Script における重要な情報を取得される脆弱性	-	CVE-2006-6460	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

233152	6.8	警告	phpBB	-	PhpBB Toplist の toplist.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6459	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

233153	5	警告	Tiki Software Community Association	-	Tikiwiki の tiki-wiki_rss.php における重要な情報 (MySQL ユーザ名およびパスワード) を取得される脆弱性	CWE-200 情報漏えい	CVE-2006-6457	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

233154	6.8	警告	swsoft	-	SWsoft Plesk におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6451	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

233155	6.4	警告	vt-forum	-	Vt-Forum Lite におけるデータベースをダウンロードされる脆弱性	-	CVE-2006-6449	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

233156	7.5	危険	vt-forum	-	Vt-Forum Lite における SQL インジェクションの脆弱性	-	CVE-2006-6448	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

233157	6.8	警告	vt-forum	-	Vt-Forum Lite におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6447	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

233158	4.6	警告	Xerox	-	Xerox WorkCentre および WorkCentre Pro におけるセキュリティ制御を回避される脆弱性	-	CVE-2006-6441	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

233159	7.5	危険	Xerox	-	Xerox WorkCentre および WorkCentre Pro などにおける脆弱性	-	CVE-2006-6440	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

233160	7.8	危険	Xerox	-	Xerox WorkCentre および WorkCentre Pro における監査ログをダウンロードされる脆弱性	-	CVE-2006-6439	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292731	-		phpfox	phpfox	SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows remote attackers to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/.	CWE-89 SQL Injection	CVE-2013-5121	2024-11-21 10:57	2013-08-15	Show	GitHub Exploit DB Packet Storm

292732	-		phpfox	phpfox	SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows remote attackers to execute arbitrary SQL commands via the search[gender] parameter to user/browse/view_/.	CWE-89 SQL Injection	CVE-2013-5120	2024-11-21 10:57	2013-08-15	Show	GitHub Exploit DB Packet Storm

292733	-		franz_holzinger	static_methods	Cross-site scripting (XSS) vulnerability in the Static Methods since 2007 (div2007) extension before 0.10.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…	CWE-79 Cross-site Scripting	CVE-2013-5100	2024-11-21 10:57	2013-08-10	Show	GitHub Exploit DB Packet Storm

292734	-		anchor	anchor_cms	Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some …	CWE-79 Cross-site Scripting	CVE-2013-5099	2024-11-21 10:57	2013-08-10	Show	GitHub Exploit DB Packet Storm

292735	-		mikejolley	download_monitor	Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the sort par…	CWE-79 Cross-site Scripting	CVE-2013-5098	2024-11-21 10:57	2013-08-10	Show	GitHub Exploit DB Packet Storm

292736	5.4	MEDIUM Network	otrs	otrs_itsm otrs	Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) ITSM 3.0.x before 3.0.9, 3.1.x before 3.1.10, and 3.2.x before 3.2.7 allows remote authenticated users to inject arbitrar…	CWE-79 Cross-site Scripting	CVE-2013-4718	2024-11-21 10:56	2021-08-10	Show	GitHub Exploit DB Packet Storm

292737	8.8	HIGH Network	otrs	otrs_itsm otrs	Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbi…	CWE-89 SQL Injection	CVE-2013-4717	2024-11-21 10:56	2021-08-10	Show	GitHub Exploit DB Packet Storm

292738	5.5	MEDIUM Network	prestashop	prestashop	PrestaShop before 1.4.11 allows logout CSRF.	CWE-352 Origin Validation Error	CVE-2013-4792	2024-11-21 10:56	2020-02-14	Show	GitHub Exploit DB Packet Storm

292739	5.4	MEDIUM Network	prestashop	prestashop	PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.	CWE-79 Cross-site Scripting	CVE-2013-4791	2024-11-21 10:56	2020-02-14	Show	GitHub Exploit DB Packet Storm

292740	6.5	MEDIUM Network	micasaverde	veralite_firmware	Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that insta…	CWE-352 Origin Validation Error	CVE-2013-4865	2024-11-21 10:56	2020-01-29	Show	GitHub Exploit DB Packet Storm