Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
234001 7.5 危険 justin koivisto - PHP 用の Justin Koivisto SecurityAdmin における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2628 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
234002 7.5 危険 jakub steiner - Jakub Steiner の inc/config.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2620 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
234003 10 危険 Novell - Novell NetMail の NMDMC.EXE サービスにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2616 2012-09-25 16:47 2007-05-4 Show GitHub Exploit DB Packet Storm
234004 4.3 警告 openld - OpenLD におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2610 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
234005 7.5 危険 miplex2 - Miplex2 の lib/smarty/SmartyFU.class.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2608 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
234006 7.5 危険 lavague - LaVague の views/print/printbar.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2607 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
234007 7.8 危険 Ipswitch, Inc. - Ipswitch WhatsUp Gold の MIBEXTRA.EXE におけるバッファオーバーフローの脆弱性 - CVE-2007-2602 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
234008 7.5 危険 マイクロソフト - Microsoft Windows 2003 Server の Terminal Server における中間者攻撃を実行される脆弱性 - CVE-2007-2593 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
234009 4.3 警告 ノキア - Nokia Intellisync Mobile Suite などにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2592 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
234010 7.5 危険 ノキア - Nokia Intellisync Mobile Suite などの usrmgr/userList.asp におけるユーザアカウントを変更される脆弱性 - CVE-2007-2591 2012-09-25 16:47 2007-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
285031 - juracapecoffee internet_connectivity_kit Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-7174 2018-10-12 05:58 2009-09-8 Show GitHub Exploit DB Packet Storm
285032 - alex_rabe nextgen_gallery Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture … CWE-79
Cross-site Scripting 		CVE-2008-7175 2018-10-12 05:58 2009-09-8 Show GitHub Exploit DB Packet Storm
285033 - diigo diigo_toolbar
diigolet 		Cross-site scripting (XSS) vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment. CWE-79
Cross-site Scripting 		CVE-2008-7184 2018-10-12 05:58 2009-09-9 Show GitHub Exploit DB Packet Storm
285034 - gnome rhythmbox GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of service (segmentation fault and crash) via a playlist (.pls) file with a long Title field, possibly related to the g_hash_table_loo… CWE-20
 Improper Input Validation  		CVE-2008-7185 2018-10-12 05:58 2009-09-9 Show GitHub Exploit DB Packet Storm
285035 - coppermine-gallery coppermine_photo_gallery Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOT… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-7186 2018-10-12 05:58 2009-09-10 Show GitHub Exploit DB Packet Storm
285036 - coppermine-gallery coppermine_photo_gallery Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message. CWE-200
Information Exposure 		CVE-2008-7187 2018-10-12 05:58 2009-09-10 Show GitHub Exploit DB Packet Storm
285037 - woltlab burning_board Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for r… CWE-352
 Origin Validation Error 		CVE-2008-7192 2018-10-12 05:58 2009-09-10 Show GitHub Exploit DB Packet Storm
285038 - phpkit phpkit PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks by reading the PHPKITSID parameter from the HTTP Referer and us… CWE-352
 Origin Validation Error 		CVE-2008-7193 2018-10-12 05:58 2009-09-10 Show GitHub Exploit DB Packet Storm
285039 - insane_visions onecms Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.ph… CWE-89
SQL Injection 		CVE-2008-7208 2018-10-12 05:58 2009-09-12 Show GitHub Exploit DB Packet Storm
285040 - insane_visions onecms Unrestricted file upload vulnerability in the add2 action in a_upload.php in OneCMS 2.4, and possibly earlier, allows remote attackers to execute arbitrary code by uploading a file with an executable… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-7209 2018-10-12 05:58 2009-09-12 Show GitHub Exploit DB Packet Storm