Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240371	7.5	危険	boastmachine	-	boastMachine の mail.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0422	2012-06-26 15:55	2008-01-23	Show	GitHub Exploit DB Packet Storm

240372	5.5	警告	Belkin International	-	Belkin Wireless G Plus MIMO Router F5D9230-4 の Web サーバにおける設定を変更される脆弱性	CWE-287 不適切な認証	CVE-2008-0403	2012-06-26 15:55	2008-01-23	Show	GitHub Exploit DB Packet Storm

240373	4.3	警告	aflog	-	aflog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0398	2012-06-26 15:55	2008-01-23	Show	GitHub Exploit DB Packet Storm

240374	6.8	警告	aflog	-	aflog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0397	2012-06-26 15:55	2008-01-23	Show	GitHub Exploit DB Packet Storm

240375	7.8	危険	BitDefender	-	複数の BitDefender 製品で使用される BitDefender Update Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0396	2012-06-26 15:55	2008-01-23	Show	GitHub Exploit DB Packet Storm

240376	7.5	危険	citadel	-	Citadel SMTP サーバにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0394	2012-06-26 15:54	2008-01-23	Show	GitHub Exploit DB Packet Storm

240377	5.8	警告	gradman	-	GradMan の info.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0393	2012-06-26 15:54	2008-01-22	Show	GitHub Exploit DB Packet Storm

240378	7.5	危険	alilg	-	aliTalk の inc/elementz.php における任意のユーザアカウントを追加される脆弱性	CWE-287 不適切な認証	CVE-2008-0391	2012-06-26 15:54	2008-01-22	Show	GitHub Exploit DB Packet Storm

240379	7.5	危険	AuraCMS	-	AuraCMS のstat.php における online.db.txt へ任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2008-0390	2012-06-26 15:54	2008-01-22	Show	GitHub Exploit DB Packet Storm

240380	7.8	危険	Firebird Project	-	Firebird SQL における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2008-0387	2012-06-26 15:54	2008-01-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292091	-	ip_reg	ip_reg	Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id paramete…	CWE-89 SQL Injection	CVE-2008-4606	2017-09-29 10:32	2008-10-18	Show	GitHub Exploit DB Packet Storm

292092	-	portalapp	portalapp	SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.	CWE-89 SQL Injection	CVE-2008-4613	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm

292093	-	portalapp	portalapp	PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.	CWE-287 Improper Authentication	CVE-2008-4614	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm

292094	-	pyxicom	actualite	SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.	CWE-89 SQL Injection	CVE-2008-4617	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm

292095	-	mrbs	mrbs	SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.ph…	CWE-89 SQL Injection	CVE-2008-4620	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm

292096	-	zeescripts	zeeproperty	SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproperty allows remote attackers to execute arbitrary SQL commands via the adid parameter.	CWE-89 SQL Injection	CVE-2008-4621	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm

292097	-	phpfastnews	phpfastnews	The isLoggedIn function in fastnews-code.php in phpFastNews 1.0.0 allows remote attackers to bypass authentication and gain administrative access by setting the fn-loggedin cookie to 1.	CWE-287 Improper Authentication	CVE-2008-4622	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm

292098	-	martin_diphoorn	com_ds-syndicate	SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php.	CWE-89 SQL Injection	CVE-2008-4623	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm

292099	-	ftrsoft	fast_click_sql_lite	PHP remote file inclusion vulnerability in init.php in Fast Click SQL Lite 1.1.7, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CFG[CDIR] pa…	CWE-94 Code Injection	CVE-2008-4624	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm

292100	-	shiftthis	shifthis_newsletter	SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter,…	CWE-89 SQL Injection	CVE-2008-4625	2017-09-29 10:32	2008-10-21	Show	GitHub Exploit DB Packet Storm