Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
234551	5	警告	Neocrome	-	Neocrome Seditio における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-5915	2012-11-20 14:58	2012-11-17	Show	GitHub Exploit DB Packet Storm

234552	2.6	注意	Neocrome	-	Neocrome Seditio の system/functions.php 内の sed_import 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5914	2012-11-20 14:57	2012-11-17	Show	GitHub Exploit DB Packet Storm

234553	4.3	警告	WordPress Integrator Project	-	WordPress 用 WordPress Integrator モジュールの wp-integrator.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5913	2012-11-20 14:56	2012-11-17	Show	GitHub Exploit DB Packet Storm

234554	7.5	危険	Pico	-	PicoPublisher における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5912	2012-11-20 14:55	2012-11-17	Show	GitHub Exploit DB Packet Storm

234555	4.3	警告	b2evolution	-	b2evolution の blogs/blog1.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5911	2012-11-20 14:55	2012-11-17	Show	GitHub Exploit DB Packet Storm

234556	6.5	警告	b2evolution	-	b2evolution の blogs/htsrv/viewfile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5910	2012-11-20 14:53	2012-11-17	Show	GitHub Exploit DB Packet Storm

234557	7.5	危険	MyBB Group	-	MyBB の admin/modules/user/users.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5909	2012-11-20 14:53	2012-11-17	Show	GitHub Exploit DB Packet Storm

234558	4.3	警告	MyBB Group	-	MyBB の admin/modules/user/users.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5908	2012-11-20 14:52	2012-11-17	Show	GitHub Exploit DB Packet Storm

234559	5	警告	TomatoCart	-	TomatoCart の json.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-5907	2012-11-20 14:41	2012-11-17	Show	GitHub Exploit DB Packet Storm

234560	4.3	警告	More Quick Tools	-	GreenBrowser におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5906	2012-11-20 14:24	2012-11-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346131	-	drupal	drupal_userreview_module	Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Userreview module before 1.19 2006/09/12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	NVD-CWE-Other	CVE-2006-4821	2017-07-20 10:33	2006-09-16	Show	GitHub Exploit DB Packet Storm

346132	-	emusoft	emucms	Multiple cross-site scripting (XSS) vulnerabilities in index.php in eMuSOFT emuCMS 0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) page paramete…	NVD-CWE-Other	CVE-2006-4822	2017-07-20 10:33	2006-09-16	Show	GitHub Exploit DB Packet Storm

346133	-	claroline dokeos	claroline open_source_learning_and_knowledge_management_tool	PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP…	CWE-94 Code Injection	CVE-2006-4844	2017-07-20 10:33	2006-09-19	Show	GitHub Exploit DB Packet Storm

346134	-	claroline dokeos	claroline open_source_learning_and_knowledge_management_tool	Successful exploitation requires that "register_globals" is enabled. This vulnerability is addressed in the following product release: Claroline, Claroline, 1.7.8	CWE-94 Code Injection	CVE-2006-4844	2017-07-20 10:33	2006-09-19	Show	GitHub Exploit DB Packet Storm

346135	-	citrix	access_gateway	Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authentication, allows remote attackers to bypass authent…	NVD-CWE-Other	CVE-2006-4846	2017-07-20 10:33	2006-09-19	Show	GitHub Exploit DB Packet Storm

346136	-	citrix	access_gateway	Successful exploitation requires that the Advanced Access Control option is set to use LDAP authentication. This vulnerability is addressed by hotfix AAC420W004.	NVD-CWE-Other	CVE-2006-4846	2017-07-20 10:33	2006-09-19	Show	GitHub Exploit DB Packet Storm

346137	-	bolinos	bolinos	PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath param…	NVD-CWE-Other	CVE-2006-4851	2017-07-20 10:33	2006-09-19	Show	GitHub Exploit DB Packet Storm

346138	-	qualiteam	x-cart	Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam X-Cart 4.1.3 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code, as demonst…	NVD-CWE-Other	CVE-2006-4904	2017-07-20 10:33	2006-09-21	Show	GitHub Exploit DB Packet Storm

346139	-	cisco	guard_ddos_mitigation_appliance	Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigation Appliance before 5.1(6), when anti-spoofing is enabled, allows remote attackers to inject arbitrary web script or HTML via cert…	NVD-CWE-Other	CVE-2006-4909	2017-07-20 10:33	2006-09-21	Show	GitHub Exploit DB Packet Storm

346140	-	a.l-pifou	a.l-pifou	Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote attackers to read arbitrary files via ".." sequences in the ze_langue_02 cookie, as demonstrated by using the choix_lng parameter to…	NVD-CWE-Other	CVE-2006-4914	2017-07-20 10:33	2006-09-21	Show	GitHub Exploit DB Packet Storm