Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241841 10 危険 CA Technologies - CA BrightStor ARCserve Backup の Tape Engine におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1447 2012-06-26 15:46 2007-03-16 Show GitHub Exploit DB Packet Storm
241842 7.5 危険 danny ho - OES における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1446 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241843 7.5 危険 betaparticle - BP Blog の default.asp 用の heme プレビュー機能における SQL インジェクションの脆弱性 - CVE-2007-1445 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241844 9.3 危険 bitesser - bitesser MySQL Commander の ressourcen/dbopen.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1439 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241845 10 危険 D-Link Systems, Inc. - D-Link TFTP Server におけるバッファオーバーフローの脆弱性 - CVE-2007-1435 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241846 7.5 危険 grayscale - Grayscale Blog における SQL インジェクションの脆弱性 - CVE-2007-1434 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241847 4.3 警告 grayscale - Grayscale Blog におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1433 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241848 7.5 危険 grayscale - Grayscale Blog における権限を取得される脆弱性 - CVE-2007-1432 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241849 7.5 危険 clip-share - ClipShare の include/adodb-connection.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1430 2012-06-26 15:46 2007-03-12 Show GitHub Exploit DB Packet Storm
241850 5 警告 assetman - AssetMan の download_pdf.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1427 2012-06-26 15:46 2007-03-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
287871 - aspindir shibby_shop sHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2873 2017-10-19 10:30 2008-06-27 Show GitHub Exploit DB Packet Storm
287872 - aspindir shibby_shop upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2882 2017-10-19 10:30 2008-06-27 Show GitHub Exploit DB Packet Storm
287873 - chaozzatwork fubarforum Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. CWE-22
Path Traversal 		CVE-2008-2887 2017-10-19 10:30 2008-06-28 Show GitHub Exploit DB Packet Storm
287874 - offl online_fantasy_football_league Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.ph… CWE-89
SQL Injection 		CVE-2008-2890 2017-10-19 10:30 2008-06-28 Show GitHub Exploit DB Packet Storm
287875 - aprox aproxengine Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. CWE-22
Path Traversal 		CVE-2008-2895 2017-10-19 10:30 2008-06-28 Show GitHub Exploit DB Packet Storm
287876 - clever_copy clever_copy SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter. CWE-89
SQL Injection 		CVE-2008-2909 2017-10-19 10:30 2008-07-1 Show GitHub Exploit DB Packet Storm
287877 - kblance kblance SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action. CWE-89
SQL Injection 		CVE-2008-2972 2017-10-19 10:30 2008-07-3 Show GitHub Exploit DB Packet Storm
287878 - simple_php_agenda simple_php_agenda Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. CWE-22
Path Traversal 		CVE-2008-3031 2017-10-19 10:30 2008-07-8 Show GitHub Exploit DB Packet Storm
287879 - mole_group lastminute_script SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. CWE-89
SQL Injection 		CVE-2008-3125 2017-10-19 10:30 2008-07-11 Show GitHub Exploit DB Packet Storm
287880 - dreamlevels dreamnews_manager SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-3189 2017-10-19 10:30 2008-07-17 Show GitHub Exploit DB Packet Storm