Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240681 5 警告 blue-collar productions - Blue-Collar Productions i-Gallery における base64エンコードされたパスワードを含むファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5777 2012-06-26 15:54 2007-11-1 Show GitHub Exploit DB Packet Storm
240682 5 警告 blue-collar productions - Blue-Collar Productions i-Gallery の igallery.asp におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5776 2012-06-26 15:54 2007-11-1 Show GitHub Exploit DB Packet Storm
240683 9.3 危険 BitDefender - BitDefender における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2007-5775 2012-06-26 15:54 2007-11-1 Show GitHub Exploit DB Packet Storm
240684 5 警告 flatnuke3 - Flatnuke 3 の File Manager モジュールの index.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-5774 2012-06-26 15:54 2007-11-1 Show GitHub Exploit DB Packet Storm
240685 4.3 警告 flatnuke3 - Flatnuke 3 の File Manager モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-5773 2012-06-26 15:54 2007-11-1 Show GitHub Exploit DB Packet Storm
240686 6 警告 flatnuke3 - Flatnuke 3 の download モジュールにおける description.it.php ファイルへ PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5772 2012-06-26 15:54 2007-11-1 Show GitHub Exploit DB Packet Storm
240687 7.5 危険 flatnuke3 - Flatnuke 3 における管理者のアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5771 2012-06-26 15:54 2007-11-1 Show GitHub Exploit DB Packet Storm
240688 5 警告 globe7 - Globe7 ソフト電話クライアントにおける重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2007-5768 2012-06-26 15:54 2007-10-31 Show GitHub Exploit DB Packet Storm
240689 9.3 危険 AOL - AOL Radio の AmpX.dll の AOL AmpX ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5755 2012-06-26 15:54 2007-11-13 Show GitHub Exploit DB Packet Storm
240690 7.5 危険 agtc websolutions - PHP-AGTC Membership System の adduser.php におけるアカウントを作成される脆弱性 CWE-287
不適切な認証 		CVE-2007-5752 2012-06-26 15:54 2007-10-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291831 - umerinc songs_portal SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-5921 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291832 - asp-dev internal_e-mail_system Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Internal E-Mail System allow remote attackers to execute arbitrary SQL commands via the (1) login parameter (aka user field) or the (2) … CWE-89
SQL Injection 		CVE-2008-5926 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291833 - china-on-site flexphpnews Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2)… CWE-89
SQL Injection 		CVE-2008-5927 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291834 - flds-script flds SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-5928 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291835 - vpasp vp-asp_shopping_cart VP-ASP Shopping Cart 6.50 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database containing the password via a direct… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5929 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291836 - the_net_guys aspired2blog SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote attackers to execute arbitrary SQL commands via the BlogID parameter. CWE-89
SQL Injection 		CVE-2008-5930 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291837 - the_net_guys aspired2blog The Net Guys ASPired2Blog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwo… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5931 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291838 - codeavalanche freeforum CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a dir… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5932 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291839 - cmsisweb cms_isweb Multiple cross-site scripting (XSS) vulnerabilities in index.php in CMS ISWEB 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the strcerca parameter (aka the input field for… CWE-79
Cross-site Scripting 		CVE-2008-5933 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm
291840 - cmsisweb cms_isweb SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the id_sezione parameter. CWE-89
SQL Injection 		CVE-2008-5934 2017-09-29 10:32 2009-01-22 Show GitHub Exploit DB Packet Storm