Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239541	7.5	危険	jiro	-	JBS の files/login.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6091	2012-09-25 16:59	2007-11-21	Show	GitHub Exploit DB Packet Storm

239542	4.3	警告	Nuked-Klan	-	Nuked-Klan の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6090	2012-09-25 16:59	2007-11-21	Show	GitHub Exploit DB Packet Storm

239543	9.3	危険	mebiblio	-	meBiblio の index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-6089	2012-09-25 16:59	2007-11-21	Show	GitHub Exploit DB Packet Storm

239544	7.5	危険	hotscripts	-	HotScripts の Clone Script における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6084	2012-09-25 16:59	2007-11-21	Show	GitHub Exploit DB Packet Storm

239545	7.5	危険	icebb	-	IceBB の admin/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6083	2012-09-25 16:59	2007-11-21	Show	GitHub Exploit DB Packet Storm

239546	5	警告	Alexander Barton	-	ngIRCd の irc-channel.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-6062	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239547	4.3	警告	Liferay	-	Liferay Portal の c/portal/login におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6055	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239548	9.3	危険	IBM	-	IBM DB2 UDB における脆弱性	CWE-399 リソース管理の問題	CVE-2007-6053	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239549	7.8	危険	IBM	-	IBM DB2 UDB におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-6052	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239550	10	危険	IBM	-	IBM DB2 UDB における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6051	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
287071	-	invisioncommunity	invision_power_board	Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.4.x through 3.4.6 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer he…	CWE-79 Cross-site Scripting	CVE-2014-5106	2024-11-21 11:11	2014-07-29	Show	GitHub Exploit DB Packet Storm

287072	-	ol-commerce_project	ol-commerce	Multiple cross-site scripting (XSS) vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) a_country parameter in a process action to affiliate…	CWE-79 Cross-site Scripting	CVE-2014-5105	2024-11-21 11:11	2014-07-29	Show	GitHub Exploit DB Packet Storm

287073	-	ol-commerce_project	ol-commerce	Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) a…	CWE-89 SQL Injection	CVE-2014-5104	2024-11-21 11:11	2014-07-29	Show	GitHub Exploit DB Packet Storm

287074	-	microsoft	windows_xp	Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a cra…	CWE-20 Improper Input Validation	CVE-2014-4971	2024-11-21 11:11	2014-07-27	Show	GitHub Exploit DB Packet Storm

287075	-	apple	quicktime	Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-4979	2024-11-21 11:11	2014-07-26	Show	GitHub Exploit DB Packet Storm

287076	-	sabreairlinesolutions	crew_management crew_services crew_training crew_operations crew_planning	Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew products 2010.2.12.20008 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (…	CWE-89 SQL Injection	CVE-2014-4858	2024-11-21 11:11	2014-07-26	Show	GitHub Exploit DB Packet Storm

287077	-	zohocorp	manageengine_eventlog_analyzer	Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog Analyzer 9 build 9000 allows remote attackers to inject arbitrary web script or HTML via the j_username parameter to event/j_sec…	CWE-79 Cross-site Scripting	CVE-2014-5103	2024-11-21 11:11	2014-07-26	Show	GitHub Exploit DB Packet Storm

287078	-	vbulletin	vbulletin	SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.	CWE-89 SQL Injection	CVE-2014-5102	2024-11-21 11:11	2014-07-26	Show	GitHub Exploit DB Packet Storm

287079	-	webidsupport	webid	Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) T…	CWE-79 Cross-site Scripting	CVE-2014-5101	2024-11-21 11:11	2014-07-26	Show	GitHub Exploit DB Packet Storm

287080	-	omeka	omeka	Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user accou…	CWE-352 Origin Validation Error	CVE-2014-5100	2024-11-21 11:11	2014-07-26	Show	GitHub Exploit DB Packet Storm