Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241551 7.8 危険 associated press - AP Newspowerにおける新規の記事を挿入される脆弱性 - CVE-2007-2554 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
241552 5 警告 devellion - Devellion CubeCart における HTTP レスポンス分割攻撃を誘発する脆弱性 - CVE-2007-2550 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
241553 7.5 危険 berylium - Berylium2 の berylium-classes.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2531 2012-06-26 15:46 2007-05-8 Show GitHub Exploit DB Packet Storm
241554 7.5 危険 dynamicpad - DynamicPAD における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2527 2012-06-26 15:46 2007-05-8 Show GitHub Exploit DB Packet Storm
241555 7.2 危険 CA Technologies - CA Anti-Virus for the Enterprise および Threat Manager における共有ファイルマッピングを変更される脆弱性 - CVE-2007-2523 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
241556 10 危険 CA Technologies - 複数の CA 製品の inoWeb Console Server におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2522 2012-06-26 15:46 2007-04-24 Show GitHub Exploit DB Packet Storm
241557 7.5 危険 e-gads - E-GADS! の common.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2521 2012-06-26 15:46 2007-05-8 Show GitHub Exploit DB Packet Storm
241558 6.8 警告 frankmancuso - MyNews の admin.php における SQL インジェクションの脆弱性 - CVE-2007-2520 2012-06-26 15:46 2007-06-26 Show GitHub Exploit DB Packet Storm
241559 9.3 危険 シマンテック
numara
centennial		 - XferWan.exe におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2514 2012-06-26 15:46 2007-06-6 Show GitHub Exploit DB Packet Storm
241560 7.5 危険 Alcatel-Lucent - OmniPCX Enterprise の Alcatel-Lucent IP-Touch Telephone におけるボイス VLAN へアクセスを取得される脆弱性 - CVE-2007-2512 2012-06-26 15:46 2007-06-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
287871 - aspindir shibby_shop sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2873 2017-10-19 10:30 2008-06-27 Show GitHub Exploit DB Packet Storm
287872 - aspindir shibby_shop upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2882 2017-10-19 10:30 2008-06-27 Show GitHub Exploit DB Packet Storm
287873 - chaozzatwork fubarforum Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. CWE-22
Path Traversal 		CVE-2008-2887 2017-10-19 10:30 2008-06-28 Show GitHub Exploit DB Packet Storm
287874 - offl online_fantasy_football_league Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.ph… CWE-89
SQL Injection 		CVE-2008-2890 2017-10-19 10:30 2008-06-28 Show GitHub Exploit DB Packet Storm
287875 - aprox aproxengine Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. CWE-22
Path Traversal 		CVE-2008-2895 2017-10-19 10:30 2008-06-28 Show GitHub Exploit DB Packet Storm
287876 - clever_copy clever_copy SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter. CWE-89
SQL Injection 		CVE-2008-2909 2017-10-19 10:30 2008-07-1 Show GitHub Exploit DB Packet Storm
287877 - kblance kblance SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action. CWE-89
SQL Injection 		CVE-2008-2972 2017-10-19 10:30 2008-07-3 Show GitHub Exploit DB Packet Storm
287878 - simple_php_agenda simple_php_agenda Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. CWE-22
Path Traversal 		CVE-2008-3031 2017-10-19 10:30 2008-07-8 Show GitHub Exploit DB Packet Storm
287879 - mole_group lastminute_script SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. CWE-89
SQL Injection 		CVE-2008-3125 2017-10-19 10:30 2008-07-11 Show GitHub Exploit DB Packet Storm
287880 - dreamlevels dreamnews_manager SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-3189 2017-10-19 10:30 2008-07-17 Show GitHub Exploit DB Packet Storm