Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241081 10 危険 e-commerce solutions - E-Commerce Scripts Shopping Cart Script の admin.aspx における SQL インジェクションの脆弱性 - CVE-2007-4121 2012-06-26 15:54 2007-08-1 Show GitHub Exploit DB Packet Storm
241082 7.5 危険 berthanas ziyaretci - Berthanas Ziyaretci Defteri 2.0 の yonetici.asp における SQL インジェクションの脆弱性 - CVE-2007-4119 2012-06-26 15:54 2007-08-1 Show GitHub Exploit DB Packet Storm
241083 3.5 注意 awbs - AWBS における他の専用サーバの設定データを取得される脆弱性 - CVE-2007-4113 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241084 6.8 警告 awbs - AWBS における SQL インジェクションの脆弱性 - CVE-2007-4112 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241085 6.8 警告 codewidgets - Real Estate listing website アプリケーションテンプレートのログインスクリプトにおける SQL インジェクションの脆弱性 - CVE-2007-4111 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241086 7.5 危険 codewidgets - Message Board / Threaded Discussion Forum Application Template の sign_in.aspx における SQL インジェクションの脆弱性 - CVE-2007-4110 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241087 7.5 危険 codewidgets - Online Store Application Template の sign_in.aspx における SQL インジェクションの脆弱性 - CVE-2007-4109 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241088 7.5 危険 codewidgets - Online Event Registration Template の sign_in.aspx における SQL インジェクションの脆弱性 - CVE-2007-4108 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241089 6.8 警告 codewidgets - CodeWidgets Pay Roll - Time Sheet and Punch Card Application における SQL インジェクションの脆弱性 - CVE-2007-4106 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
241090 9.3 危険 Baidu, Inc. - Baidu Soba Search Bar の BaiduBar.dll の特定の ActiveX コントロールにおける任意のコードを実行される脆弱性 - CVE-2007-4105 2012-06-26 15:54 2007-07-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292491 - freelyrics freelyrics Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read arbitrary files via directory traversal sequences in the p parameter. NOTE: some of these details ar… CWE-22
Path Traversal 		CVE-2008-5861 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
292492 - webcamxp webcamxp Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI. CWE-22
Path Traversal 		CVE-2008-5862 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
292493 - v-gn userlocator SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the y parameter in a get_user ac… CWE-89
SQL Injection 		CVE-2008-5863 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
292494 - joomlahbs com_tophotelmodule
hotel_booking_reservation_system 		SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL co… CWE-89
SQL Injection 		CVE-2008-5864 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
292495 - joomlahbs hotel_booking_reservation_system SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_… CWE-89
SQL Injection 		CVE-2008-5865 2017-09-29 10:32 2009-01-7 Show GitHub Exploit DB Packet Storm
292496 - intellitamper intellitamper Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-5868 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
292497 - yerba yerba Yerba SACphp 6.3 and earlier allows remote attackers to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5873 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
292498 - joomlahbs com_5starhotels
com_allhotels
hotel_booking_reservation_system 		Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetail… CWE-89
SQL Injection 		CVE-2008-5874 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
292499 - joomlahbs com_lowcosthotels
hotel_booking_reservation_system 		SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id param… CWE-89
SQL Injection 		CVE-2008-5875 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm
292500 - phpclanwebsite phpclanwebsite Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (… CWE-89
SQL Injection 		CVE-2008-5877 2017-09-29 10:32 2009-01-9 Show GitHub Exploit DB Packet Storm