Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239301 7.5 危険 Activewebsoftwares - ActiveWebSoftwares ActiveVotes の VoteHistory.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5365 2012-06-26 16:03 2008-12-8 Show GitHub Exploit DB Packet Storm
239302 7.5 危険 bdigital web solutions - WebStudio CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5336 2012-06-26 16:03 2008-12-4 Show GitHub Exploit DB Packet Storm
239303 4.3 警告 easy-script - Wysi Wiki Wyg の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5323 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
239304 7.8 危険 easy-script - Wysi Wiki Wyg におけるシステム情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-5322 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
239305 6.5 警告 e107.org - e107 の usersettings.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5320 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
239306 7.8 危険 アップル
マイクロソフト		 - Apple iPhone Configuration Web Utility の Web インターフェースにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5315 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
239307 6.8 警告 Bharat Mediratta - Gallery における管理者権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-5296 2012-06-26 16:03 2008-11-21 Show GitHub Exploit DB Packet Storm
239308 7.5 危険 bdigital web solutions - WebStudio eCatalogue の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5294 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
239309 7.5 危険 bdigital web solutions - WebStudio eHotel の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5293 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
239310 7.5 危険 fuzzylime - FuzzyLime の code/track.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5291 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
256661 - osu_open_source_lab maintain PHP remote file inclusion vulnerability in lib/php/phphtmllib-2.5.4/examples/example6.php for maintain 3.0.0-RC2 allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib para… NVD-CWE-Other
CVE-2006-7120 2024-08-8 06:15 2007-03-6 Show GitHub Exploit DB Packet Storm
256662 - smarty smarty PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disc… CWE-94
Code Injection 		CVE-2006-7105 2024-08-8 06:15 2007-03-4 Show GitHub Exploit DB Packet Storm
256663 - develooping flash_chat PHP remote file inclusion vulnerability in adminips.php in Develooping Flash Chat allows remote attackers to execute arbitrary PHP code via a URL in the banned_file parameter. NOTE: CVE disputes thi… NVD-CWE-Other
CVE-2006-7011 2024-08-8 06:15 2007-02-15 Show GitHub Exploit DB Packet Storm
256664 - simple_machines simple_machines_forum QueryString.php in Simple Machines Forum (SMF) 1.0.7 and earlier, and 1.1rc2 and earlier, allows remote attackers to more easily spoof the IP address and evade banning via a modified X-Forwarded-For … NVD-CWE-Other
CVE-2006-7013 2024-08-8 06:15 2007-02-15 Show GitHub Exploit DB Packet Storm
256665 - jobline jobline PHP remote file inclusion vulnerability in admin.jobline.php in Jobline 1.1.1 allows remote attackers to execute arbitrary code via a URL in the mosConfig_absolute_path parameter. NOTE: CVE disputes… NVD-CWE-Other
CVE-2006-7015 2024-08-8 06:15 2007-02-15 Show GitHub Exploit DB Packet Storm
256666 - robin_de_graff somery PHP remote file inclusion vulnerability in upload/admin/team.php in Robin de Graff Somery 0.4.4 allows remote attackers to execute arbitrary PHP code via a URL in the checkauth parameter. NOTE: CVE … NVD-CWE-Other
CVE-2006-7006 2024-08-8 06:15 2007-02-13 Show GitHub Exploit DB Packet Storm
256667 - centipaid centipaid PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. NOTE: this issue has been di… CWE-94
Code Injection 		CVE-2006-6975 2024-08-8 06:15 2007-02-9 Show GitHub Exploit DB Packet Storm
256668 - enigma wordpress_bridge PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE… NVD-CWE-Other
CVE-2006-6863 2024-08-8 06:15 2006-12-31 Show GitHub Exploit DB Packet Storm
256669 - phpirc_bot phpirc_bot PHP remote file inclusion vulnerability in php4you.php in PHPIrc_bot 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue is disputed by CVE, si… NVD-CWE-Other
CVE-2006-6883 2024-08-8 06:15 2006-12-31 Show GitHub Exploit DB Packet Storm
256670 - rad_inks rad_upload PHP remote file inclusion vulnerability in upload.php in Rad Upload 3.02 allows remote attackers to execute arbitrary PHP code via a URL in the save_path parameter. NOTE: CVE disputes this vulnerabi… NVD-CWE-Other
CVE-2006-6549 2024-08-8 06:15 2006-12-15 Show GitHub Exploit DB Packet Storm