Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
243851 7.2 危険 オラクル - Oracle JD Edwards EnterpriseOne の HTML Server における脆弱性 - CVE-2007-2134 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
243852 10 危険 オラクル - Oracle PeopleSoft Enterprise の PeopleSoft Enterprise Human Capital Management コンポーネントにおける脆弱性 - CVE-2007-2133 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
243853 10 危険 オラクル - Oracle PeopleSoft Enterprise の PeopleTools コンポーネントにおける脆弱性 - CVE-2007-2132 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
243854 10 危険 オラクル - Oracle PeopleSoft Enterprise の PeopleTools における脆弱性 - CVE-2007-2131 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
243855 9 危険 オラクル - Oracle E-Business Suite の Sales Online コンポーネントにおける脆弱性 - CVE-2007-2128 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
243856 10 危険 オラクル - Oracle E-Business Suite における脆弱性 CWE-noinfo
情報不足
CVE-2007-2127 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
243857 10 危険 オラクル - Oracle E-Business Suite における脆弱性 - CVE-2007-2126 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
243858 10 危険 オラクル - Oracle Collaboration Suite の Collaborative Workspace における脆弱性 - CVE-2007-2125 2012-09-25 16:47 2007-04-17 Show GitHub Exploit DB Packet Storm
243859 7.5 危険 kai content management system - K-CMS の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2106 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
243860 7.5 危険 monkey cms - Monkey CMS の admin/index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2105 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346131 - jetbox jetbox_cms Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php. NVD-CWE-Other
CVE-2006-4739 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346132 - jetbox jetbox_cms Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message. NVD-CWE-Other
CVE-2006-4740 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346133 - idevspot phplinkexchange PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter. NVD-CWE-Other
CVE-2006-4741 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346134 - idevspot phplinkexchange Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NVD-CWE-Other
CVE-2006-4742 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346135 - wordpress wordpress WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for (1) 404.php, (2) akismet.php, (3) archive.php, (4) archives.php, (5) attachment.php, (6)… NVD-CWE-Other
CVE-2006-4743 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346136 - abidia abidia_wireless
o-anywhere
Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing. NVD-CWE-Other
CVE-2006-4744 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346137 - scarybear pocketexpense_pro ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file… NVD-CWE-Other
CVE-2006-4745 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346138 - comscripts web_server_creator PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter. NVD-CWE-Other
CVE-2006-4746 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346139 - idevspot textads Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error paramete… NVD-CWE-Other
CVE-2006-4747 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346140 - f-art_agency blog_cms Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin… NVD-CWE-Other
CVE-2006-4748 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm