Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242791 7.5 危険 buzlas - Buzlas 2006-1 Full の includes/archive/archive_topic.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5311 2012-06-26 15:37 2006-10-17 Show GitHub Exploit DB Packet Storm
242792 7.5 危険 afgb - AFGB GUESTBOOK における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5307 2012-06-26 15:37 2006-10-17 Show GitHub Exploit DB Packet Storm
242793 10 危険 シスコシステムズ - CUCM の RIS Data Collector サービスにおける整数オーバーフローの脆弱性 - CVE-2006-5278 2012-06-26 15:37 2007-07-11 Show GitHub Exploit DB Packet Storm
242794 9.3 危険 シスコシステムズ - CUCM の CTL Provider サービスにおける任意のコードを実行される脆弱性 - CVE-2006-5277 2012-06-26 15:37 2007-07-11 Show GitHub Exploit DB Packet Storm
242795 4.3 警告 gcontact - Gcontact の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5299 2012-06-26 15:37 2006-10-17 Show GitHub Exploit DB Packet Storm
242796 5 警告 ClamAV - ClamAV におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5295 2012-06-26 15:37 2006-10-16 Show GitHub Exploit DB Packet Storm
242797 7.5 危険 exhibit engine - Exhibit Engine の photo_comment.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5292 2012-06-26 15:37 2006-10-16 Show GitHub Exploit DB Packet Storm
242798 7.5 危険 alex - Download-Engine の admin/includes/spaw/spaw_control.class.php におけるにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-5291 2012-06-26 15:37 2006-10-16 Show GitHub Exploit DB Packet Storm
242799 10 危険 シスコシステムズ - Cisco 2700 Series Wireless Location Appliances における管理者権限を取得される脆弱性 - CVE-2006-5288 2012-06-26 15:37 2006-10-12 Show GitHub Exploit DB Packet Storm
242800 6.8 警告 cuttlefish multimedia ltd. - Leicestershire communityPortals における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-5280 2012-06-26 15:37 2006-10-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
251051 6.1 MEDIUM
Network 		abdullahirfan whitelist Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Abdullah Irfan Whitelist allows Reflected XSS.This issue affects Whitelist: from n/a throu… CWE-79
Cross-site Scripting 		CVE-2024-49643 2024-11-1 03:48 2024-10-29 Show GitHub Exploit DB Packet Storm
251052 6.5 MEDIUM
Network 		lunary lunary lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API (/v1/users/send-verification) and Sign up API (/auth/signup). An unauthenticated attacker can inj… CWE-74
Injection 		CVE-2024-7472 2024-11-1 03:46 2024-10-29 Show GitHub Exploit DB Packet Storm
251053 9.8 CRITICAL
Network 		langchain langchain A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability p… CWE-89
SQL Injection 		CVE-2024-7042 2024-11-1 03:36 2024-10-29 Show GitHub Exploit DB Packet Storm
251054 9.1 CRITICAL
Network 		gaizhenbiao chuanhuchatgpt A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files w… CWE-610
Externally Controlled Reference to a Resource in Another Sphere 		CVE-2024-5823 2024-11-1 03:05 2024-10-29 Show GitHub Exploit DB Packet Storm
251055 6.1 MEDIUM
Network 		soft-master affiliate_platform Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ilias Gomatos Affiliate Platform allows Reflected XSS.This issue affects Affiliate Platfor… CWE-79
Cross-site Scripting 		CVE-2024-49645 2024-11-1 02:59 2024-10-29 Show GitHub Exploit DB Packet Storm
251056 6.1 MEDIUM
Network 		wedevs wp_erp Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs WP ERP allows Reflected XSS.This issue affects WP ERP: from n/a through 1.13.2. CWE-79
Cross-site Scripting 		CVE-2024-47640 2024-11-1 02:39 2024-10-29 Show GitHub Exploit DB Packet Storm
251057 - - - TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the book… - CVE-2024-34537 2024-11-1 02:15 2024-10-28 Show GitHub Exploit DB Packet Storm
251058 7.5 HIGH
Network 		- - IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue m… CWE-266
 Incorrect Privilege Assignment 		CVE-2024-40681 2024-11-1 02:15 2024-09-8 Show GitHub Exploit DB Packet Storm
251059 5.5 MEDIUM
Local 		ibm mq_operator IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2024-40680 2024-11-1 02:15 2024-09-7 Show GitHub Exploit DB Packet Storm
251060 5.4 MEDIUM
Network 		tychesoftwares arconix_shortcodes The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 2.1.13 due to insufficient input saniti… CWE-79
Cross-site Scripting 		CVE-2024-10226 2024-11-1 01:48 2024-10-29 Show GitHub Exploit DB Packet Storm