Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241301 7.5 危険 endonesia - eNdonesia における SQL インジェクションの脆弱性 - CVE-2007-3394 2012-06-26 15:46 2007-06-26 Show GitHub Exploit DB Packet Storm
241302 9.3 危険 アップル
マイクロソフト		 - Apple Safari におけるバッファオーバーフローの脆弱性 - CVE-2007-3376 2012-06-26 15:46 2007-06-25 Show GitHub Exploit DB Packet Storm
241303 2.1 注意 Avahi - Avahi の Avahi デーモンにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3372 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
241304 7.8 危険 cPanel - cPanel の scgiwrap における重要な情報を取得される脆弱性 - CVE-2007-3367 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
241305 4.3 警告 cPanel - cPanel の scgiwrap におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3366 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
241306 10 危険 ageet - ageet AGEphone における詳細不明な脆弱性 - CVE-2007-3363 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
241307 7.8 危険 ageet
マイクロソフト
HTC Corporation		 - ageet AGEphone におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3362 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
241308 9.3 危険 bitchx - BitchX の hook.c における任意のコマンドを実行される脆弱性 - CVE-2007-3360 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
241309 7.8 危険 マイクロソフト
AOL		 - AIM におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3350 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
241310 7.8 危険 aastra telecom - Aastra 9112i SIP Phone におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3349 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291691 - yourfreeworld apartment_search_script Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header,… CWE-20
 Improper Input Validation  		CVE-2008-6684 2017-09-29 10:33 2009-04-11 Show GitHub Exploit DB Packet Storm
291692 - butterflymedia butterfly_organizer Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable p… CWE-79
Cross-site Scripting 		CVE-2008-6700 2017-09-29 10:33 2009-04-11 Show GitHub Exploit DB Packet Storm
291693 - preprojects pre_ads_portal Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.ph… CWE-79
Cross-site Scripting 		CVE-2008-6715 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291694 - preprojects pre_ads_portal homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request. CWE-287
Improper Authentication 		CVE-2008-6716 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291695 - uochm signup U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct reques… CWE-287
Improper Authentication 		CVE-2008-6717 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291696 - uochm justbookit U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to… CWE-287
Improper Authentication 		CVE-2008-6718 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291697 - uochm justlistit U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via … CWE-287
Improper Authentication 		CVE-2008-6719 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291698 - deltascripts php_links SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin … CWE-89
SQL Injection 		CVE-2008-6720 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291699 - ajsquare aj_article SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field). CWE-89
SQL Injection 		CVE-2008-6721 2017-09-29 10:33 2009-04-15 Show GitHub Exploit DB Packet Storm
291700 - turnkeyforms entertainment_portal TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator. CWE-287
Improper Authentication 		CVE-2008-6723 2017-09-29 10:33 2009-04-15 Show GitHub Exploit DB Packet Storm