Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239301 7.5 危険 Activewebsoftwares - ActiveWebSoftwares ActiveVotes の VoteHistory.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5365 2012-06-26 16:03 2008-12-8 Show GitHub Exploit DB Packet Storm
239302 7.5 危険 bdigital web solutions - WebStudio CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5336 2012-06-26 16:03 2008-12-4 Show GitHub Exploit DB Packet Storm
239303 4.3 警告 easy-script - Wysi Wiki Wyg の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5323 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
239304 7.8 危険 easy-script - Wysi Wiki Wyg におけるシステム情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-5322 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
239305 6.5 警告 e107.org - e107 の usersettings.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5320 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
239306 7.8 危険 アップル
マイクロソフト		 - Apple iPhone Configuration Web Utility の Web インターフェースにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5315 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
239307 6.8 警告 Bharat Mediratta - Gallery における管理者権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-5296 2012-06-26 16:03 2008-11-21 Show GitHub Exploit DB Packet Storm
239308 7.5 危険 bdigital web solutions - WebStudio eCatalogue の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5294 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
239309 7.5 危険 bdigital web solutions - WebStudio eHotel の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5293 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
239310 7.5 危険 fuzzylime - FuzzyLime の code/track.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5291 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
308551 - allinta allinta Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to faq.asp and (2) searchQuery p… NVD-CWE-Other
CVE-2005-4374 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308552 - box_uk amaxus Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant … NVD-CWE-Other
CVE-2005-4375 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308553 - nma baseline_cms Cross-site scripting (XSS) vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) PageID and (2) SiteNodeID parameters. NVD-CWE-Other
CVE-2005-4377 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308554 - nma baseline_cms SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to execute arbitrary SQL commands via the SiteNodeID parameter. NVD-CWE-Other
CVE-2005-4378 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308555 - caravel_cms caravel_cms Multiple cross-site scripting (XSS) vulnerabilities in Caravel CMS 3.0 Beta 1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) fileDN and (2) folderviewer_attrs p… NVD-CWE-Other
CVE-2005-4381 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308556 - cofax cofax Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. NVD-CWE-Other
CVE-2005-4385 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308557 - contenite contenite Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. NVD-CWE-Other
CVE-2005-4387 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308558 - formicary_ltd. epix Cross-site scripting (XSS) vulnerability in EPiX 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search query parameters. NVD-CWE-Other
CVE-2005-4394 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308559 - farcry farcry Cross-site scripting (XSS) vulnerability in FarCry 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the criteria parameter. NVD-CWE-Other
CVE-2005-4395 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm
308560 - random_mouse_software red_queen redqueen.cgi in Red Queen 1.02 and earlier allows remote attackers to obtain the full server path via invalid (1) yellowpage_id, (2) skin_id, (3) supplier_id, and (4) module parameters, which leaks t… NVD-CWE-Other
CVE-2005-4405 2011-03-8 11:28 2005-12-20 Show GitHub Exploit DB Packet Storm