Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239441 4.3 警告 goodlyrics - buymyscripts Lyrics Script の search_results.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4672 2012-06-26 16:02 2008-10-22 Show GitHub Exploit DB Packet Storm
239442 4.3 警告 ed putal - Ed Pudol Clickbank Portal の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4670 2012-06-26 16:02 2008-10-22 Show GitHub Exploit DB Packet Storm
239443 4.3 警告 dan fletcher - Dan Fletcher Recipe Script の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4669 2012-06-26 16:02 2008-10-22 Show GitHub Exploit DB Packet Storm
239444 7.5 危険 arabcms - ArabCMS の rss.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4667 2012-06-26 16:02 2008-10-22 Show GitHub Exploit DB Packet Storm
239445 6.8 警告 deeserver - Ultimate Webboard の webboard.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4666 2012-06-26 16:02 2008-10-22 Show GitHub Exploit DB Packet Storm
239446 7.5 危険 datingpro - PG Matchmaking における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4665 2012-06-26 16:02 2008-10-22 Show GitHub Exploit DB Packet Storm
239447 9.3 危険 Dart Communications - ActiveX 用の Dart Communications PowerTCP FTP の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4652 2012-06-26 16:02 2008-10-21 Show GitHub Exploit DB Packet Storm
239448 7.5 危険 Elxis - Elxis CMS におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2008-4649 2012-06-26 16:02 2008-10-21 Show GitHub Exploit DB Packet Storm
239449 4.3 警告 Elxis - Elxis CMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4648 2012-06-26 16:02 2008-10-21 Show GitHub Exploit DB Packet Storm
239450 7.5 危険 astrospaces - AstroSPACES の profile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4642 2012-06-26 16:02 2008-10-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
256701 - hinton_design phpht_topsites Multiple PHP remote file inclusion vulnerabilities in Hinton Design phpht Topsites allow remote attackers to execute arbitrary PHP code via a URL in the phpht_real_path parameter to (1) index.php, (2… NVD-CWE-Other
CVE-2006-5460 2024-08-8 05:15 2006-10-24 Show GitHub Exploit DB Packet Storm
256702 - phpbb_group phpbb PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: CVE and the… NVD-CWE-Other
CVE-2006-5435 2024-08-8 05:15 2006-10-21 Show GitHub Exploit DB Packet Storm
256703 - phpadsnew phpadsnew Directory traversal vulnerability in upgrade.php in phpAdsNew 2.0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the phpAds_config[language] parameter. NOTE: this issue coul… NVD-CWE-Other
CVE-2006-5437 2024-08-8 05:15 2006-10-21 Show GitHub Exploit DB Packet Storm
256704 - contenido contendio Remote file inclusion vulnerability in Contenido CMS allows remote attackers to execute arbitrary PHP code via a URL in the contenido_path parameter to (1) cms/dbfs.php or (2) cms/front_content.php. … NVD-CWE-Other
CVE-2006-5380 2024-08-8 05:15 2006-10-18 Show GitHub Exploit DB Packet Storm
256705 - greg_neustaetter gcards PHP remote file inclusion vulnerability in addnews.php in Greg Neustaetter gCards 1.13 allows remote attackers to execute arbitrary PHP code via a URL in the languagefile parameter. NOTE: another re… NVD-CWE-Other
CVE-2006-5255 2024-08-8 05:15 2006-10-13 Show GitHub Exploit DB Packet Storm
256706 - phpwebsite phpwebsite Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPWS_SOURCE_DIR parameter in (1) init.php, (2) users.php… NVD-CWE-Other
CVE-2006-5234 2024-08-8 05:15 2006-10-11 Show GitHub Exploit DB Packet Storm
256707 - isearch isearch Multiple PHP remote file inclusion vulnerabilities in iSearch 2.16 allow remote attackers to execute arbitrary PHP code via a URL in the isearch_path parameter in (1) index.php, (2) viewcache.php, (3… NVD-CWE-Other
CVE-2006-5232 2024-08-8 05:15 2006-10-11 Show GitHub Exploit DB Packet Storm
256708 - mozilla firefox Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving JavaScript. NOTE: the vendor and original researchers have released… NVD-CWE-Other
CVE-2006-5159 2024-08-8 05:15 2006-10-5 Show GitHub Exploit DB Packet Storm
256709 - mozilla firefox Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comme… NVD-CWE-Other
CVE-2006-5160 2024-08-8 05:15 2006-10-5 Show GitHub Exploit DB Packet Storm
256710 - myphotos myphotos PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE … NVD-CWE-Other
CVE-2006-5095 2024-08-8 05:15 2006-09-30 Show GitHub Exploit DB Packet Storm