Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241701 7.5 危険 afflib - AFFLIB における任意のコマンドを実行される脆弱性 - CVE-2007-2055 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
241702 7.5 危険 afflib - AFFLIB におけるフォーマットストリングの脆弱性 - CVE-2007-2054 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
241703 10 危険 afflib - AFFLIB におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2053 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
241704 5 警告 The BFTPD Project - bftpd の parsecmd 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-2051 2012-06-26 15:46 2007-04-16 Show GitHub Exploit DB Packet Storm
241705 7.5 危険 antonis ventouris - Mambo の Antonis Ventouris Weather モジュールの mod_weather.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2044 2012-06-26 15:46 2007-04-16 Show GitHub Exploit DB Packet Storm
241706 7.5 危険 avant-garde solutions - Mambo の mosmedia における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2043 2012-06-26 15:46 2007-04-16 Show GitHub Exploit DB Packet Storm
241707 6.8 警告 avant-garde solutions - Mambo の Avant-Garde Solutions MOSMedia Lite および初期モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2042 2012-06-26 15:46 2007-04-16 Show GitHub Exploit DB Packet Storm
241708 4 警告 シスコシステムズ - Cisco WLC におけるアクセス制限を回避される脆弱性 - CVE-2007-2041 2012-06-26 15:46 2007-04-12 Show GitHub Exploit DB Packet Storm
241709 6.2 警告 シスコシステムズ - Cisco Aironet におけるデバイス上で任意の操作を実行される脆弱性 - CVE-2007-2040 2012-06-26 15:46 2007-04-12 Show GitHub Exploit DB Packet Storm
241710 6.1 警告 シスコシステムズ - Cisco WLC のNPU におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2039 2012-06-26 15:46 2007-04-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291691 - yourfreeworld apartment_search_script Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header,… CWE-20
 Improper Input Validation  		CVE-2008-6684 2017-09-29 10:33 2009-04-11 Show GitHub Exploit DB Packet Storm
291692 - butterflymedia butterfly_organizer Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable p… CWE-79
Cross-site Scripting 		CVE-2008-6700 2017-09-29 10:33 2009-04-11 Show GitHub Exploit DB Packet Storm
291693 - preprojects pre_ads_portal Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.ph… CWE-79
Cross-site Scripting 		CVE-2008-6715 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291694 - preprojects pre_ads_portal homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request. CWE-287
Improper Authentication 		CVE-2008-6716 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291695 - uochm signup U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct reques… CWE-287
Improper Authentication 		CVE-2008-6717 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291696 - uochm justbookit U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to… CWE-287
Improper Authentication 		CVE-2008-6718 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291697 - uochm justlistit U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via … CWE-287
Improper Authentication 		CVE-2008-6719 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291698 - deltascripts php_links SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin … CWE-89
SQL Injection 		CVE-2008-6720 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291699 - ajsquare aj_article SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field). CWE-89
SQL Injection 		CVE-2008-6721 2017-09-29 10:33 2009-04-15 Show GitHub Exploit DB Packet Storm
291700 - turnkeyforms entertainment_portal TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator. CWE-287
Improper Authentication 		CVE-2008-6723 2017-09-29 10:33 2009-04-15 Show GitHub Exploit DB Packet Storm