Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241471 10 危険 AlstraSoft - AlstraSoft E-Friends の paypal.php における SQL インジェクションの脆弱性 - CVE-2007-2824 2012-06-26 15:46 2007-05-22 Show GitHub Exploit DB Packet Storm
241472 4.3 警告 Cactusoft International FZ-LLC & Cactusoft Ltd. - CactuSoft Parodia の cand_login.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2818 2012-06-26 15:46 2007-05-22 Show GitHub Exploit DB Packet Storm
241473 10 危険 gazi download portal - Gazi Download Portal の down_indir.asp における SQL インジェクションの脆弱性 - CVE-2007-2810 2012-06-26 15:46 2007-05-22 Show GitHub Exploit DB Packet Storm
241474 4.3 警告 GNU Project
yngve svendsen		 - Gnatsweb および Gnats の Gnatsweb におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2808 2012-06-26 15:46 2007-05-22 Show GitHub Exploit DB Packet Storm
241475 6.8 警告 eggheads - Eggdrop の mod/server.mod/servrmsg.c におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2807 2012-06-26 15:46 2007-04-19 Show GitHub Exploit DB Packet Storm
241476 5.8 警告 galix - GaliX の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2806 2012-06-26 15:46 2007-05-22 Show GitHub Exploit DB Packet Storm
241477 4.3 警告 clientexec - CE の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2805 2012-06-26 15:46 2007-05-22 Show GitHub Exploit DB Packet Storm
241478 4.3 警告 candypress - CandyPress Store の scripts/prodList.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2804 2012-06-26 15:46 2007-05-22 Show GitHub Exploit DB Packet Storm
241479 4.3 警告 eticket - eTicket の open.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-2801 2012-06-26 15:46 2007-06-29 Show GitHub Exploit DB Packet Storm
241480 5 警告 eticket - eTicket の index.php における重要な情報が取得される脆弱性 - CVE-2007-2800 2012-06-26 15:46 2007-06-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
288701 - acftp acftp acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command. NVD-CWE-Other
CVE-2006-6775 2017-10-19 10:29 2006-12-28 Show GitHub Exploit DB Packet Storm
288702 - open_newsletter open_newsletter The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative act… NVD-CWE-Other
CVE-2006-6785 2017-10-19 10:29 2006-12-28 Show GitHub Exploit DB Packet Storm
288703 - open_newsletter open_newsletter Open Newsletter 2.5 and earlier allows remote authenticated administrators to execute arbitrary PHP code by inserting the code into the email parameter to (1) subscribe.php or (2) unsubscribe.php. NVD-CWE-Other
CVE-2006-6786 2017-10-19 10:29 2006-12-28 Show GitHub Exploit DB Packet Storm
288704 - mxmania newsletter_mx SQL injection vulnerability in admin/admin_mail_adressee.asp in Newsletter MX 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NVD-CWE-Other
CVE-2006-6787 2017-10-19 10:29 2006-12-28 Show GitHub Exploit DB Packet Storm
288705 - mxmania calendar_mx_basic SQL injection vulnerability in calendar_detail.asp in Calendar MX BASIC 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: The provenance of this… NVD-CWE-Other
CVE-2006-6792 2017-10-19 10:29 2006-12-28 Show GitHub Exploit DB Packet Storm
288706 - myphpnuke myphpnuke_my_egallery PHP remote file inclusion vulnerability in gallery/displayCategory.php in the My_eGallery 2.5.6 module in myPHPNuke (MPN) allows remote attackers to execute arbitrary PHP code via a URL in the basepa… NVD-CWE-Other
CVE-2006-6795 2017-10-19 10:29 2006-12-28 Show GitHub Exploit DB Packet Storm
288707 - mtcms mtcms PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ins_file parameter. NVD-CWE-Other
CVE-2006-6796 2017-10-19 10:29 2006-12-28 Show GitHub Exploit DB Packet Storm
288708 - sh-news sh-news PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the news_cfg[path] parameter. NVD-CWE-Other
CVE-2006-6801 2017-10-19 10:29 2006-12-29 Show GitHub Exploit DB Packet Storm
288709 - sh-news sh-news Successful exploitation requires that "register_globals" is enabled. NVD-CWE-Other
CVE-2006-6801 2017-10-19 10:29 2006-12-29 Show GitHub Exploit DB Packet Storm
288710 - enthrallweb epages SQL injection vulnerability in actualpic.asp in Enthrallweb ePages allows remote attackers to execute arbitrary SQL commands via the Biz_ID parameter. NVD-CWE-Other
CVE-2006-6802 2017-10-19 10:29 2006-12-29 Show GitHub Exploit DB Packet Storm