Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241971 7.5 危険 apache stats - Apache Stats における任意の変数を変更される脆弱性 - CVE-2007-0930 2012-06-26 15:46 2007-02-14 Show GitHub Exploit DB Packet Storm
241972 4.3 警告 communityserver.org - Community Server の search/SearchResults.aspx におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0925 2012-06-26 15:46 2007-02-14 Show GitHub Exploit DB Packet Storm
241973 4.3 警告 cPanel - cPanel WHM の scripts/passwdmysql におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0890 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
241974 7.8 危険 Gecad Technologies - axigen におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0887 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
241975 10 危険 Gecad Technologies - axigen におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0886 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
241976 7.8 危険 capital request forms - Capital Request Forms におけるデータベースの資格情報を取得される脆弱性 - CVE-2007-0880 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
241977 6.8 警告 allons voter - Allons_voter における認証または特定の管理機能のアクセスを回避される脆弱性 - CVE-2007-0874 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
241978 7.5 危険 extremepow - eXtremePow eXtreme File Hosting における任意の PHP コードをアップロードされる脆弱性 - CVE-2007-0871 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
241979 7.5 危険 cPanel - cPanel WHM の scripts2/objcache におけるリモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-0854 2012-06-26 15:46 2007-02-8 Show GitHub Exploit DB Packet Storm
241980 7.5 危険 advanced poll - Advanced Poll の admin/index.php における認証を回避される脆弱性 - CVE-2007-0845 2012-06-26 15:46 2007-02-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293951 - news_manager news_manager Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php… CWE-89
SQL Injection 		CVE-2008-2340 2017-09-29 10:31 2008-05-19 Show GitHub Exploit DB Packet Storm
293952 - avalonnet news_manager PHP remote file inclusion vulnerability in ch_readalso.php in News Manager 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the read_xml_include parameter. CWE-94
Code Injection 		CVE-2008-2341 2017-09-29 10:31 2008-05-19 Show GitHub Exploit DB Packet Storm
293953 - news_manager news_manager Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. CWE-22
Path Traversal 		CVE-2008-2342 2017-09-29 10:31 2008-05-19 Show GitHub Exploit DB Packet Storm
293954 - news_manager news_manager News Manager 2.0 allows remote attackers to bypass restrictions and obtain sensitive information via a direct request to (1) db/connect_str.php and (2) login/info.php. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2343 2017-09-29 10:31 2008-05-19 Show GitHub Exploit DB Packet Storm
293955 - alkalinephp alkalinephp AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2346 2017-09-29 10:31 2008-05-21 Show GitHub Exploit DB Packet Storm
293956 - mypicgallery mypicgallery MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php. CWE-287
Improper Authentication 		CVE-2008-2347 2017-09-29 10:31 2008-05-21 Show GitHub Exploit DB Packet Storm
293957 - meltingicefs meltingice_file_system MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2348 2017-09-29 10:31 2008-05-21 Show GitHub Exploit DB Packet Storm
293958 - zomp zomplog Zomplog 3.8.2 and earlier allows remote attackers to gain administrative access by creating an admin account via a direct request to install/newuser.php with the admin parameter set to 1. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2349 2017-09-29 10:31 2008-05-21 Show GitHub Exploit DB Packet Storm
293959 - webmanager-pro cms_webmanager-pro Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters. CWE-89
SQL Injection 		CVE-2008-2351 2017-09-29 10:31 2008-05-21 Show GitHub Exploit DB Packet Storm
293960 - gnugallery gnugallery Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the show parameter. CWE-22
Path Traversal 		CVE-2008-2353 2017-09-29 10:31 2008-05-21 Show GitHub Exploit DB Packet Storm