Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 2:06 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239071 4.3 警告 php heaven - PHPMyChat におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6297 2012-09-25 16:59 2007-12-10 Show GitHub Exploit DB Packet Storm
239072 4.3 警告 IBM - IBM Lotus Sametime のオンラインミーティングセンタにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6295 2012-09-25 16:59 2007-12-6 Show GitHub Exploit DB Packet Storm
239073 4.9 警告 IBM - IBM HMC における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6294 2012-09-25 16:59 2007-12-7 Show GitHub Exploit DB Packet Storm
239074 10 危険 IBM - IBM HMC における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2007-6293 2012-09-25 16:59 2007-12-7 Show GitHub Exploit DB Packet Storm
239075 7.5 危険 mwopen - MWOpen の leggi_commenti.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6292 2012-09-25 16:59 2007-12-10 Show GitHub Exploit DB Packet Storm
239076 5 警告 iptel - SERWeb の js/get_js.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6290 2012-09-25 16:59 2007-12-10 Show GitHub Exploit DB Packet Storm
239077 6.8 警告 iptel - SerWeb における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6289 2012-09-25 16:59 2007-12-10 Show GitHub Exploit DB Packet Storm
239078 4.3 警告 lxlabs - Lxlabs HyperVM のログインページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6287 2012-09-25 16:59 2007-12-10 Show GitHub Exploit DB Packet Storm
239079 10 危険 Lyris - Lyris ListManager における管理者権限のリストを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6319 2012-09-25 16:59 2008-02-19 Show GitHub Exploit DB Packet Storm
239080 9.3 危険 ヒューレット・パッカード - HP QLBCTRL.exe の hpinfocenter.exe における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6331 2012-09-25 16:59 2007-12-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346011 - rwiki rwiki Cross-site scripting (XSS) vulnerability in Wiki content in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. NVD-CWE-Other
CVE-2006-2581 2017-07-20 10:31 2006-05-25 Show GitHub Exploit DB Packet Storm
346012 - rwiki rwiki The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors. NVD-CWE-Other
CVE-2006-2582 2017-07-20 10:31 2006-05-25 Show GitHub Exploit DB Packet Storm
346013 - greg_donald destiney_links_script SQL injection vulnerability in Destiney Links Script 2.1.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the de… NVD-CWE-Other
CVE-2006-2585 2017-07-20 10:31 2006-05-25 Show GitHub Exploit DB Packet Storm
346014 - iplogger iplogger Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the HTTP_REFERER header in an HTTP request. NVD-CWE-Other
CVE-2006-2586 2017-07-20 10:31 2006-05-25 Show GitHub Exploit DB Packet Storm
346015 - dschat dschat Unspecified vulnerability in DSChat 1.0 allows remote attackers to execute arbitrary PHP code via the Nickname field, which is not sanitized before creating a file in a user directory. NOTE: the pro… NVD-CWE-Other
CVE-2006-2592 2017-07-20 10:31 2006-05-25 Show GitHub Exploit DB Packet Storm
346016 - mediawiki mediawiki Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vect… NVD-CWE-Other
CVE-2006-2611 2017-07-20 10:31 2006-05-26 Show GitHub Exploit DB Packet Storm
346017 - sun n1_system_manager Sun N1 System Manager 1.1 for Solaris 10 before patch 121161-01 records system passwords in the world-readable scripts (1) /cr/hd_jobs_db.sh, (2) /cr/hd_plan_checkin.sh, and (3) /cr/oracle_plan_check… NVD-CWE-Other
CVE-2006-2614 2017-07-20 10:31 2006-05-26 Show GitHub Exploit DB Packet Storm
346018 - linux linux_kernel Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing… NVD-CWE-Other
CVE-2006-2629 2017-07-20 10:31 2006-05-27 Show GitHub Exploit DB Packet Storm
346019 - cosmicphp cosmicshoppingcart Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) search_price.php, and (d) product_details.php in the cosmicshop directory for CosmicShoppingCart allow r… CWE-79
Cross-site Scripting 		CVE-2006-2649 2017-07-20 10:31 2006-05-30 Show GitHub Exploit DB Packet Storm
346020 - cosmicphp cosmicshoppingcart SQL injection vulnerability in cosmicshop/search.php in CosmicShoppingCart allows remote attackers to execute arbitrary SQL commands via the max parameter. NVD-CWE-Other
CVE-2006-2650 2017-07-20 10:31 2006-05-30 Show GitHub Exploit DB Packet Storm