Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239151 10 危険 gravity-gtd - Gravity GTD の library/setup/rpc.php における任意の PHP コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5963 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
239152 6.8 警告 gravity-gtd - Gravity GTD の library/setup/rpc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5962 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
239153 7.5 危険 Activewebsoftwares - Active Test の start.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5959 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
239154 7.5 危険 Activewebsoftwares - Active Test における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5958 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
239155 5 警告 aspapps - ASP Template Creature におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5951 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
239156 7.5 危険 aspapps - ASP Template Creature の media/media_level.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5950 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
239157 7.5 危険 bncwi - BNCwi の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5948 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
239158 5 警告 factosystem - Facto におけるパスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5935 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
239159 7.5 危険 cmsisweb - CMS ISWEB の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5934 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
239160 4.3 警告 cmsisweb - CMS ISWEB の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5933 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257181 - joomla
mambo 		jambook PHP remote file inclusion vulnerability in jambook.php in the Jambook (com_Jambook) 1.0 beta7 module for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosCo… NVD-CWE-Other
CVE-2007-2196 2024-08-7 23:15 2007-04-25 Show GitHub Exploit DB Packet Storm
257182 - b2evolution b2evolution Multiple PHP remote file inclusion vulnerabilities in b2evolution allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_path parameter to (a) a_noskin.php, (b) a_stub.php, (c)… NVD-CWE-Other
CVE-2007-2358 2024-08-7 23:15 2007-05-1 Show GitHub Exploit DB Packet Storm
257183 - mobilepublisherphp mobilepublisherphp PHP remote file inclusion vulnerability in MobilePublisherphp 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the auth_method parameter to (1) index.php, (2) list.php, (3) po… CWE-94
Code Injection 		CVE-2007-2084 2024-08-7 23:15 2007-04-18 Show GitHub Exploit DB Packet Storm
257184 - openconcept back-end_cms Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End CMS 0.4.7 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter to (1) click.php or … NVD-CWE-Other
CVE-2007-2097 2024-08-7 23:15 2007-04-18 Show GitHub Exploit DB Packet Storm
257185 - ivan_gallery_script ivan_gallery_script PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue has been disput… NVD-CWE-Other
CVE-2007-2072 2024-08-7 23:15 2007-04-18 Show GitHub Exploit DB Packet Storm
257186 - maian weblog PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was dispute… NVD-CWE-Other
CVE-2007-2078 2024-08-7 23:15 2007-04-18 Show GitHub Exploit DB Packet Storm
257187 - - - Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTM… - CVE-2024-7000 2024-08-7 22:35 2024-08-7 Show GitHub Exploit DB Packet Storm
257188 - redhat enterprise_linux The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the… CWE-189
Numeric Errors 		CVE-2007-1865 2024-08-7 22:15 2007-09-19 Show GitHub Exploit DB Packet Storm
257189 - bmc performance_manager PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP por… NVD-CWE-Other
CVE-2007-1972 2024-08-7 22:15 2007-04-23 Show GitHub Exploit DB Packet Storm
257190 - xodagallery xodagallery Unspecified vulnerability in administration.php in xodagallery allows remote attackers to execute arbitrary code via the cmd parameter. NOTE: CVE disputes this vulnerability because administration.ph… NVD-CWE-Other
CVE-2007-2020 2024-08-7 22:15 2007-04-13 Show GitHub Exploit DB Packet Storm