Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239581 9.3 危険 friendly technologies - Friendly Technologies FriendlyPPPoE Client における任意のファイルを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4050 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239582 6.8 警告 friendly technologies - Friendly Technologies FriendlyPPPoE Client の fwRemoteCfg.dll における任意のプログラムを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4049 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239583 6.8 警告 friendly technologies - Friendly Technologies FriendlyPPPoE Client の fwRemoteCfg.dll におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4048 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239584 7.5 危険 elitecms - eliteCMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4046 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239585 4.3 警告 @mail - @Mail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4045 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239586 7.5 危険 aj square - AJ Square aj-hyip の article/readarticle.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4044 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239587 7.5 危険 aj square - AJ Square AJ HYIP Acme における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4043 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239588 9.3 危険 gmanedit2 - gmanedit の open_man_file 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3971 2012-06-26 16:02 2008-09-10 Show GitHub Exploit DB Packet Storm
239589 7.5 危険 bitlbee - BitlBee における既存のアカウントを "上書き" される脆弱性 CWE-264
CWE-399
CVE-2008-3969 2012-06-26 16:02 2008-09-10 Show GitHub Exploit DB Packet Storm
239590 7.5 危険 AlstraSoft - AlstraSoft Forum Pay Per Post Exchange の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3954 2012-06-26 16:02 2008-09-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
256711 - net2ftp net2ftp PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE:… NVD-CWE-Other
CVE-2006-5097 2024-08-8 05:15 2006-09-30 Show GitHub Exploit DB Packet Storm
256712 - my-bic my-bic PHP remote file inclusion vulnerability in mybic_server.php in Jim Plush My-BIC 0.6.5 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. NOTE: the provenance of t… NVD-CWE-Other
CVE-2006-5089 2024-08-8 05:15 2006-09-30 Show GitHub Exploit DB Packet Storm
256713 - php_system_administration_toolkit php_system_administration_toolkit PHP remote file inclusion vulnerability in loader.php in PHP System Administration Toolkit (PHPSaTK) allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config] parameter. … NVD-CWE-Other
CVE-2006-5067 2024-08-8 05:15 2006-09-28 Show GitHub Exploit DB Packet Storm
256714 - squiz mysource_classic
mysource_matrix 		MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server… NVD-CWE-Other
CVE-2006-5036 2024-08-8 05:15 2006-09-28 Show GitHub Exploit DB Packet Storm
256715 - squiz mysource_matrix MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP … NVD-CWE-Other
CVE-2006-5037 2024-08-8 05:15 2006-09-28 Show GitHub Exploit DB Packet Storm
256716 - marc_cagninacci mclinkscounter Multiple PHP remote file inclusion vulnerabilities in Marc Cagninacci mcLinksCounter 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the langfile parameter in (1) login.php, (2)… CWE-94
Code Injection 		CVE-2006-4863 2024-08-8 05:15 2006-09-20 Show GitHub Exploit DB Packet Storm
256717 - hitweb hitweb Multiple PHP remote file inclusion vulnerabilities in Brian Fraval Hitweb 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REP_CLASS parameter to (1) index.php, (2) arbo.php,… NVD-CWE-Other
CVE-2006-4848 2024-08-8 05:15 2006-09-19 Show GitHub Exploit DB Packet Storm
256718 - phpopenchat phpopenchat PHP remote file inclusion vulnerability in contrib/yabbse/poc.php in phpopenchat before 3.0.2 allows remote attackers to execute arbitrary PHP code via the sourcedir parameter. NOTE: this issue was … NVD-CWE-Other
CVE-2006-4677 2024-08-8 05:15 2006-09-12 Show GitHub Exploit DB Packet Storm
256719 - linux linux_kernel The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions specifies weak permissions (0666 and 0777) for certain files and directories, which might allow local us… NVD-CWE-Other
CVE-2006-4663 2024-08-8 05:15 2006-09-9 Show GitHub Exploit DB Packet Storm
256720 - modulebased_cms modulebased_cms PHP remote file inclusion vulnerability in ModuleBased CMS Pre-Alpha allows remote attackers to execute arbitrary PHP code via the _SERVER parameter in (1) admin/avatar.php, (2) libs/archive.class.ph… NVD-CWE-Other
CVE-2006-4545 2024-08-8 05:15 2006-09-6 Show GitHub Exploit DB Packet Storm