Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241951	7.5	危険	jason alexander	-	Jason Alexander phNNTP の article-raw.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4103	2012-09-25 15:35	2006-08-14	Show	GitHub Exploit DB Packet Storm

241952	4.3	警告	mojoscripts	-	mojoscripts.com mojoGallery の admin.cgi におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4087	2012-09-25 15:35	2006-08-11	Show	GitHub Exploit DB Packet Storm

241953	4.3	警告	ozjournals	-	Elaine Aquino OZJournals の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4086	2012-09-25 15:35	2006-08-11	Show	GitHub Exploit DB Packet Storm

241954	7.5	危険	olaf noehring	-	Olaf Noehring TSEP における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4085	2012-09-25 15:35	2006-08-11	Show	GitHub Exploit DB Packet Storm

241955	7.5	危険	mywebland	-	myWebland myEvent の viewevent.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4083	2012-09-25 15:35	2006-08-11	Show	GitHub Exploit DB Packet Storm

241956	6.8	警告	Joomla!	-	Joomla! 用の JD-Wiki コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4074	2012-09-25 15:35	2006-08-10	Show	GitHub Exploit DB Packet Storm

241957	2.6	注意	マイクロソフト	-	Microsoft Windows XP などの GDI ライブラリにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4071	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

241958	5.1	警告	imendio planner	-	Imendio Planner におけるフォーマットストリングの脆弱性	-	CVE-2006-4070	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

241959	4.3	警告	ozjournals	-	Elaine Aquino OZJournals におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4069	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

241960	2.6	注意	マイクロソフト	-	Microsoft Windows XP SP2 の gdiplus.dll におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4066	2012-09-25 15:35	2006-08-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265801	6.1	MEDIUM Network	mybb	merge_system mybb	Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 might allow remote attackers to i…	CWE-79 Cross-site Scripting	CVE-2016-9421	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265802	9.8	CRITICAL Network	mybb	merge_system mybb	MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives."	CWE-20 Improper Input Validation	CVE-2016-9420	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265803	6.1	MEDIUM Network	mybb	mybb	Cross-site scripting (XSS) vulnerability in the Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to inject arbitrary web scrip…	CWE-79 Cross-site Scripting	CVE-2016-9419	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265804	7.5	HIGH Network	mybb	merge_system mybb	MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a …	CWE-200 Information Exposure	CVE-2016-9418	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265805	7.4	HIGH Network	mybb	merge_system mybb	The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecif…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2016-9417	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265806	9.8	CRITICAL Network	mybb	merge_system mybb	SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via unspe…	CWE-89 SQL Injection	CVE-2016-9416	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265807	7.5	HIGH Network	mybb	merge_system mybb	MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."	CWE-284 Improper Access Control	CVE-2016-9415	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265808	7.5	HIGH Network	mybb	mybb merge_system	MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload director…	CWE-200 Information Exposure	CVE-2016-9414	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265809	6.5	MEDIUM Network	mybb	mybb merge_system	The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors.	CWE-284 Improper Access Control	CVE-2016-9413	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm

265810	9.8	CRITICAL Network	mybb	mybb merge_system	MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy.	CWE-284 Improper Access Control	CVE-2016-9412	2024-11-21 12:01	2017-02-1	Show	GitHub Exploit DB Packet Storm