Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242281	10	危険	andys chat	-	Andys Chat の register.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7036	2012-06-26 15:38	2007-02-22	Show	GitHub Exploit DB Packet Storm

242282	6.8	警告	avatic	-	Aardvark Topsites PHP の sources/join.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7026	2012-06-26 15:38	2007-02-22	Show	GitHub Exploit DB Packet Storm

242283	4.3	警告	fx-app	-	fx-APP におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7023	2012-06-26 15:38	2007-02-14	Show	GitHub Exploit DB Packet Storm

242284	10	危険	fx-app	-	fx-APP の Tools モジュールにおける Web ページのコンテンツを不正確に表示する脆弱性	-	CVE-2006-7022	2012-06-26 15:38	2007-02-14	Show	GitHub Exploit DB Packet Storm

242285	7.8	危険	arkoon	-	Arkoon FAST360 UTM の DNS モジュールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-7054	2012-06-26 15:38	2006-05-29	Show	GitHub Exploit DB Packet Storm

242286	7.5	危険	arkoon	-	Arkoon FAST360 UTM における IDPS HTTP モジュール内の署名を回避される脆弱性	-	CVE-2006-7053	2012-06-26 15:38	2006-03-31	Show	GitHub Exploit DB Packet Storm

242287	7.5	危険	bloggit	-	BloggIT の admin.php における権限を取得される脆弱性	-	CVE-2006-7014	2012-06-26 15:38	2007-02-14	Show	GitHub Exploit DB Packet Storm

242288	7.5	危険	fusionphp	-	Fusion Polls の admin/index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7003	2012-06-26 15:38	2007-02-12	Show	GitHub Exploit DB Packet Storm

242289	7.5	危険	dev	-	Neuron Blog の pages/addcomment2.php における SQL インジェクションの脆弱性	-	CVE-2006-6993	2012-06-26 15:38	2007-02-12	Show	GitHub Exploit DB Packet Storm

242290	7.8	危険	gosurf browser	-	GoSuRF Browser における他のドメインから制限された情報へアクセスされる脆弱性	-	CVE-2006-6992	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
308051	-	katalog_plyt_audio	katalog_plyt_audio	Multiple SQL injection vulnerabilities in index.php in Katalog Plyt Audio 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fraza and (2) litera parameters, differe…	NVD-CWE-Other	CVE-2007-1656	2011-03-8 11:52	2007-03-24	Show	GitHub Exploit DB Packet Storm

308052	-	flyspray	flyspray	Flyspray 0.9.9, when output_buffering is disabled or "set to a low value," allows remote attackers to bypass authentication via a crafted post request.	NVD-CWE-Other	CVE-2007-1788	2011-03-8 11:52	2007-03-31	Show	GitHub Exploit DB Packet Storm

308053	-	flyspray	flyspray	Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) via direct requests.	NVD-CWE-Other	CVE-2007-1789	2011-03-8 11:52	2007-03-31	Show	GitHub Exploit DB Packet Storm

308054	-	web-app.org	webapp	Multiple unspecified vulnerabilities in form input validation in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to corrupt data files, gain access to private files, and execute ar…	NVD-CWE-Other	CVE-2007-1827	2011-03-8 11:52	2007-04-3	Show	GitHub Exploit DB Packet Storm

308055	-	web-app.org	webapp	Multiple cross-site scripting (XSS) vulnerabilities in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the QUERY_STRING corresponding…	NVD-CWE-Other	CVE-2007-1828	2011-03-8 11:52	2007-04-3	Show	GitHub Exploit DB Packet Storm

308056	-	web-app.org	webapp	web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to open files and write "wrong data" via a crafted QUERY_STRING.	NVD-CWE-Other	CVE-2007-1831	2011-03-8 11:52	2007-04-3	Show	GitHub Exploit DB Packet Storm

308057	-	web-app.org	webapp	web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to upload certain files (1) via a crafted filename or (2) by "using percent encoding in forms."	NVD-CWE-Other	CVE-2007-1832	2011-03-8 11:52	2007-04-3	Show	GitHub Exploit DB Packet Storm

308058	-	mohachat	moha_chat	MOHA Chat 0.1b7 and earlier does not require authentication for use of the plug in API, which has unknown impact and attack vectors.	NVD-CWE-Other	CVE-2007-0954	2011-03-8 11:51	2007-02-15	Show	GitHub Exploit DB Packet Storm

308059	-	cisco	firewall_services_module	Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.3), when set to log at the "debug" level, allows remote attackers to cause a denial of service (device reboot) by s…	NVD-CWE-Other	CVE-2007-0963	2011-03-8 11:51	2007-02-16	Show	GitHub Exploit DB Packet Storm

308060	-	cisco	firewall_services_module	Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device rebo…	NVD-CWE-Other	CVE-2007-0964	2011-03-8 11:51	2007-02-16	Show	GitHub Exploit DB Packet Storm