Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246031 7.5 危険 elvinbts - Elvin における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2123 2012-06-26 16:10 2009-06-19 Show GitHub Exploit DB Packet Storm
246032 4.3 警告 F5 Networks - F5 FirePass SSL VPN のログインインターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2119 2012-06-26 16:10 2009-06-18 Show GitHub Exploit DB Packet Storm
246033 7.5 危険 daan sprenkels - FretsWeb における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2113 2012-06-26 16:10 2009-06-18 Show GitHub Exploit DB Packet Storm
246034 7.5 危険 frank-karau - phpFK の include/page_bottom.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2112 2012-06-26 16:10 2009-06-18 Show GitHub Exploit DB Packet Storm
246035 5 警告 daan sprenkels - FretsWeb におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2109 2012-06-26 16:10 2009-06-18 Show GitHub Exploit DB Packet Storm
246036 7.5 危険 com jumi
Joomla!		 - Joomla の jumi コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2102 2012-06-26 16:10 2009-06-17 Show GitHub Exploit DB Packet Storm
246037 6.8 警告 castro xl - TorrentVolve の archive.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2101 2012-06-26 16:10 2009-06-17 Show GitHub Exploit DB Packet Storm
246038 7.5 危険 david degner - phpCollegeExchange の house/listing_view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2096 2012-06-26 16:10 2009-06-17 Show GitHub Exploit DB Packet Storm
246039 7.5 危険 creative web solutions - Creative Web Solutions Multi-Level CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2082 2012-06-26 16:10 2009-06-16 Show GitHub Exploit DB Packet Storm
246040 3.5 注意 Drupal - Drupal 用の Taxonomy manager モジュールの管理ページインターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2079 2012-06-26 16:10 2009-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348011 - vcd-db vcd-db Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when handling comments. NVD-CWE-Other
CVE-2006-4628 2017-07-20 10:33 2006-09-9 Show GitHub Exploit DB Packet Storm
348012 - squiz mysource_classic Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related … NVD-CWE-Other
CVE-2006-4635 2017-07-20 10:33 2006-09-9 Show GitHub Exploit DB Packet Storm
348013 - drupal drupal_pathauto_module Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Pathauto module before pathauto_node.inc 1.17.2.1 and the Drupal 4.6 Pathauto module before pathauto_node.inc 1.14.2.1 allows remote attacke… NVD-CWE-Other
CVE-2006-4646 2017-07-20 10:33 2006-09-9 Show GitHub Exploit DB Packet Storm
348014 - php_fusion php_fusion Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks … NVD-CWE-Other
CVE-2006-4673 2017-07-20 10:33 2006-09-12 Show GitHub Exploit DB Packet Storm
348015 - php_fusion php_fusion Successful exploitation requires that "register_globals" and "magic_quotes_gpc" are disabled. This vulnerability is addressed in the following product release: PHP-Fusion, PHP_Fusion, 6.01.5 NVD-CWE-Other
CVE-2006-4673 2017-07-20 10:33 2006-09-12 Show GitHub Exploit DB Packet Storm
348016 - newsgator feeddemon Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certa… NVD-CWE-Other
CVE-2006-4710 2017-07-20 10:33 2006-09-13 Show GitHub Exploit DB Packet Storm
348017 - newsgator feeddemon This vulnerability is addressed in the following product release: NewsGator, FeedDemon, 2.0.0.25 NVD-CWE-Other
CVE-2006-4710 2017-07-20 10:33 2006-09-13 Show GitHub Exploit DB Packet Storm
348018 - korviblog korviblog Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in KorviBlog 1.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) prenom, (2) emailFrom, or (3) body par… NVD-CWE-Other
CVE-2006-4718 2017-07-20 10:33 2006-09-13 Show GitHub Exploit DB Packet Storm
348019 - adobe coldfusion Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors invol… NVD-CWE-Other
CVE-2006-4724 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
348020 - adobe coldfusion Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security restrictions and call components (CFC) within a sandbox from CFML templates that are located outside of the sandbox. NVD-CWE-Other
CVE-2006-4725 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm