Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240651 5.1 警告 mybulletinboard - MyBB の attachment.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4449 2012-09-25 15:35 2006-08-29 Show GitHub Exploit DB Packet Storm
240652 5.1 警告 interact learning community environment - interact における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4448 2012-09-25 15:35 2006-08-29 Show GitHub Exploit DB Packet Storm
240653 5 警告 OpenBSD - OpenBSD の isakmpd における再生保護を回避される脆弱性 - CVE-2006-4436 2012-09-25 15:35 2006-08-25 Show GitHub Exploit DB Packet Storm
240654 4.9 警告 OpenBSD - OpenBSD におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4435 2012-09-25 15:35 2006-08-25 Show GitHub Exploit DB Packet Storm
240655 5 警告 phaos - Phaos の include_lang.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4420 2012-09-25 15:35 2006-08-28 Show GitHub Exploit DB Packet Storm
240656 7.5 危険 Ipswitch, Inc. - Ipswitch Collaboration の SMTP Daemon におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-4379 2012-09-25 15:35 2006-09-6 Show GitHub Exploit DB Packet Storm
240657 2.6 注意 Irfan Skiljan - IrfanView におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4374 2012-09-25 15:35 2006-08-26 Show GitHub Exploit DB Packet Storm
240658 2.6 注意 integramod - IntegraMOD Portal の includes/functions_portal.php における絶対パストラバーサルの脆弱性 - CVE-2006-4369 2012-09-25 15:35 2006-08-26 Show GitHub Exploit DB Packet Storm
240659 7.5 危険 integramod - IntegraMOD Portal における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4368 2012-09-25 15:35 2006-08-26 Show GitHub Exploit DB Packet Storm
240660 2.1 注意 MySQL AB - MySQL におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4380 2012-09-25 15:35 2005-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268761 8.8 HIGH
Network 		supsystic photo_gallery The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. CWE-352
 Origin Validation Error 		CVE-2016-10918 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm
268762 9.8 CRITICAL
Network 		search_everything_project search_everything The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316. CWE-89
SQL Injection 		CVE-2016-10917 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm
268763 9.8 CRITICAL
Network 		codepeople appointment_booking_calendar The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319. CWE-89
SQL Injection 		CVE-2016-10916 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm
268764 6.1 MEDIUM
Network 		pojo activity_log The aryo-activity-log plugin before 2.3.3 for WordPress has XSS. CWE-79
Cross-site Scripting 		CVE-2016-10891 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm
268765 6.1 MEDIUM
Network 		matchboxdesigngroup universal_analytics The universal-analytics plugin before 1.3.1 for WordPress has XSS. CWE-79
Cross-site Scripting 		CVE-2016-10912 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm
268766 6.1 MEDIUM
Network 		cozmoslabs profile_builder The profile-builder plugin before 2.4.2 for WordPress has multiple XSS issues. CWE-79
Cross-site Scripting 		CVE-2016-10911 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm
268767 6.1 MEDIUM
Network 		formbuilder_project formbuilder The formbuilder plugin before 1.06 for WordPress has multiple XSS issues. CWE-79
Cross-site Scripting 		CVE-2016-10910 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm
268768 9.8 CRITICAL
Network 		codepeople booking_calendar_contact_form The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection. CWE-89
SQL Injection 		CVE-2016-10909 2024-11-21 11:45 2019-08-21 Show GitHub Exploit DB Packet Storm
268769 6.1 MEDIUM
Network 		codepeople booking_calendar_contact_form The booking-calendar-contact-form plugin before 1.0.24 for WordPress has XSS. CWE-79
Cross-site Scripting 		CVE-2016-10908 2024-11-21 11:45 2019-08-21 Show GitHub Exploit DB Packet Storm
268770 8.8 HIGH
Network 		godaddy godaddy_email_marketing The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 for WordPress has CSRF. CWE-352
 Origin Validation Error 		CVE-2016-10903 2024-11-21 11:45 2019-08-21 Show GitHub Exploit DB Packet Storm