Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239591 7.5 危険 editeurscripts - EsFaq の questions.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3952 2012-06-26 16:02 2008-09-10 Show GitHub Exploit DB Packet Storm
239592 5 警告 アップル - Apple iPhone の _web_drawInRect:withFont:ellipsis:alignment:measureOnly 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2008-3950 2012-06-26 16:02 2008-09-16 Show GitHub Exploit DB Packet Storm
239593 7.5 危険 discountedscripts - ACG-PTP の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3944 2012-06-26 16:02 2008-09-5 Show GitHub Exploit DB Packet Storm
239594 7.5 危険 ezonescripts - eZoneScripts Living Local の listtest.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3943 2012-06-26 16:02 2008-09-5 Show GitHub Exploit DB Packet Storm
239595 4.3 警告 bizdirectory - BizDirectory におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3941 2012-06-26 16:02 2008-09-5 Show GitHub Exploit DB Packet Storm
239596 5 警告 AVTECH - AVTECH PageR Enterprise の Web インターフェースにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-3939 2012-06-26 16:02 2008-09-5 Show GitHub Exploit DB Packet Storm
239597 7.8 危険 DreamBox - Dreambox DM500C の Web インターフェースにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3936 2012-06-26 16:02 2008-09-5 Show GitHub Exploit DB Packet Storm
239598 9.3 危険 EZB Systems - UltraISO におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2008-3871 2012-06-26 16:02 2009-04-1 Show GitHub Exploit DB Packet Storm
239599 6.9 警告 Debian - Citadel Server の migrate_aliases.sh における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-3930 2012-06-26 16:02 2008-08-24 Show GitHub Exploit DB Packet Storm
239600 7.2 危険 Ampache.org - Ampache の gather-messages.sh における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-3929 2012-06-26 16:02 2008-09-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257141 - trackeur trackeur PHP remote file inclusion vulnerability in tracking.php in Trackeur 1 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: CVE and a third party dispute thi… NVD-CWE-Other
CVE-2007-4383 2024-08-8 00:15 2007-08-18 Show GitHub Exploit DB Packet Storm
257142 - stadtaus guestbook_script Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the script_root parameter to (1) delete.php, (2) edit.php,… CWE-94
Code Injection 		CVE-2007-4290 2024-08-8 00:15 2007-08-10 Show GitHub Exploit DB Packet Storm
257143 - jems_scripts bellabiblio BellaBiblio allows remote attackers to gain administrative privileges via a bellabiblio cookie with the value "administrator." NOTE: this issue is disputed by CVE and multiple third parties because t… NVD-CWE-Other
CVE-2007-4230 2024-08-8 00:15 2007-08-9 Show GitHub Exploit DB Packet Storm
257144 - pluck pluck Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to read arbitrary local files via a .. (dot dot) in the file parameter.… NVD-CWE-Other
CVE-2007-4180 2024-08-8 00:15 2007-08-8 Show GitHub Exploit DB Packet Storm
257145 - pluck pluck PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NO… NVD-CWE-Other
CVE-2007-4181 2024-08-8 00:15 2007-08-8 Show GitHub Exploit DB Packet Storm
257146 - vgallite vgallite Multiple PHP remote file inclusion vulnerabilities in vgallite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dirpath parameter to _functions.php or the (2) lang parameter … CWE-94
Code Injection 		CVE-2007-4169 2024-08-8 00:15 2007-08-7 Show GitHub Exploit DB Packet Storm
257147 - platon phpwebfilemanager PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the PN_PathPrefix parameter. NOTE: this issue is disp… NVD-CWE-Other
CVE-2007-4117 2024-08-8 00:15 2007-08-2 Show GitHub Exploit DB Packet Storm
257148 - jelsoft vbulletin Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, … NVD-CWE-Other
CVE-2007-4120 2024-08-8 00:15 2007-08-2 Show GitHub Exploit DB Packet Storm
257149 - le_ralf ralf_image_gallery PHP remote file inclusion vulnerability in check_entry.php in Ralf Image Gallery (RIG), aka Raphael Moll RIG Image Gallery, 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the … NVD-CWE-Other
CVE-2007-4127 2024-08-8 00:15 2007-08-2 Show GitHub Exploit DB Packet Storm
257150 - guidance_software encase Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are … CWE-399
 Resource Management Errors 		CVE-2007-4036 2024-08-8 00:15 2007-07-28 Show GitHub Exploit DB Packet Storm