Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242481 7.5 危険 2daybiz - 2daybiz MLM における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2516 2012-06-26 16:19 2010-06-29 Show GitHub Exploit DB Packet Storm
242482 6.8 警告 dacian strain
Joomla!		 - Joomla! 用の JFaq コンポーネントの index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2515 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
242483 4.3 警告 dacian strain
Joomla!		 - Joomla! 用の JFaq コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2514 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
242484 7.5 危険 2daybiz - 2daybiz Matrimonial Script の customprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2512 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
242485 7.5 危険 2daybiz - 2daybiz MLM Software の viewnews.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2511 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
242486 7.5 危険 2daybiz - 2daybiz Web Template Software の customize.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2510 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
242487 4.3 警告 2daybiz - 2daybiz Web Template Software におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2509 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
242488 7.5 危険 2daybiz - 2daybiz Video Community Portal Script の user-profile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2508 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
242489 2.9 注意 シスコシステムズ - Linksys WAP54Gv3 の debug.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2506 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
242490 5 警告 bogofilter - bogofilter の base64.c の base64 デコーダにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2010-2494 2012-06-26 16:19 2010-07-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266531 4.8 MEDIUM
Network 		atlassian jira Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name. CWE-79
Cross-site Scripting 		CVE-2016-4318 2024-11-21 11:51 2017-04-10 Show GitHub Exploit DB Packet Storm
266532 5.4 MEDIUM
Network 		atlassian confluence Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page. CWE-79
Cross-site Scripting 		CVE-2016-4317 2024-11-21 11:51 2017-04-10 Show GitHub Exploit DB Packet Storm
266533 4.9 MEDIUM
Network 		plone plone Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-4043 2024-11-21 11:51 2017-02-25 Show GitHub Exploit DB Packet Storm
266534 5.3 MEDIUM
Network 		plone plone Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors. CWE-200
Information Exposure 		CVE-2016-4042 2024-11-21 11:51 2017-02-25 Show GitHub Exploit DB Packet Storm
266535 7.3 HIGH
Network 		plone plone Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV requests, which allows remote attackers to gain webdav access via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-4041 2024-11-21 11:51 2017-02-25 Show GitHub Exploit DB Packet Storm
266536 6.1 MEDIUM
Network 		wso2 enablement_server_for_java Cross-site scripting (XSS) vulnerability in WSO2 SOA Enablement Server for Java/6.6 build SSJ-6.6-20090827-1616 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH… CWE-79
Cross-site Scripting 		CVE-2016-4327 2024-11-21 11:51 2017-02-17 Show GitHub Exploit DB Packet Storm
266537 6.1 MEDIUM
Network 		wso2 carbon Multiple cross-site scripting (XSS) vulnerabilities in WSO2 Carbon 4.4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) setName parameter to identity-mgt/challenges-mgt.jsp… CWE-79
Cross-site Scripting 		CVE-2016-4316 2024-11-21 11:51 2017-02-17 Show GitHub Exploit DB Packet Storm
266538 5.7 MEDIUM
Network 		wso2 carbon Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote attackers to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action… CWE-352
 Origin Validation Error 		CVE-2016-4315 2024-11-21 11:51 2017-02-17 Show GitHub Exploit DB Packet Storm
266539 4.9 MEDIUM
Network 		wso2 carbon Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to… CWE-22
Path Traversal 		CVE-2016-4314 2024-11-21 11:51 2017-02-17 Show GitHub Exploit DB Packet Storm
266540 7.5 HIGH
Network 		wso2 identity_server XML external entity (XXE) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 before WSO2-CARBON-PATCH-4.4.0-0231 allows remote authenticated users with access to XACML features to … CWE-611
XXE 		CVE-2016-4312 2024-11-21 11:51 2017-02-17 Show GitHub Exploit DB Packet Storm