Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
248141 9.3 危険 Andreas Gohr - DokuWiki の inc/init.php における任意のローカルファイルをインクルードされる脆弱性 CWE-94
コード・インジェクション
CVE-2009-1960 2012-06-26 16:10 2009-06-7 Show GitHub Exploit DB Packet Storm
248142 7.5 危険 ahmet donmez - WebEyes Guest Book の yorum.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2009-1950 2012-06-26 16:10 2009-06-5 Show GitHub Exploit DB Packet Storm
248143 6.8 警告 adaptbb - AdaptBB の latestposts.php における任意の PHP コードが実行される脆弱性 CWE-94
コード・インジェクション
CVE-2009-1946 2012-06-26 16:10 2009-06-5 Show GitHub Exploit DB Packet Storm
248144 9.3 危険 aimp - AIMP におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-1944 2012-06-26 16:10 2009-06-5 Show GitHub Exploit DB Packet Storm
248145 3.5 注意 Quiz Module Project - Drupal 用の Quiz モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-1942 2012-06-26 16:10 2009-06-3 Show GitHub Exploit DB Packet Storm
248146 6.8 警告 cpcommerce - cpCommerce の _functions.php における任意の PHP コードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2009-1936 2012-06-26 16:10 2009-06-5 Show GitHub Exploit DB Packet Storm
248147 4.9 警告 FreeBSD - FreeBSD のパイプ実装 の direct write 最適化の pipe_build_write_buffer 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2009-1935 2012-06-26 16:10 2009-06-10 Show GitHub Exploit DB Packet Storm
248148 10 危険 gscripts - GScripts.net DNS Tools の dig.php における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション
CVE-2009-1916 2012-06-26 16:10 2009-06-4 Show GitHub Exploit DB Packet Storm
248149 6.8 警告 Claudio Klingler - TWG で使用される QuiXplorer の .include/init.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2009-1911 2012-06-26 16:10 2009-06-4 Show GitHub Exploit DB Packet Storm
248150 4.3 警告 Claroline Consortium - Claroline の claroline/linker/notfound.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-1907 2012-06-26 16:10 2009-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346131 - jetbox jetbox_cms Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php. NVD-CWE-Other
CVE-2006-4739 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346132 - jetbox jetbox_cms Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message. NVD-CWE-Other
CVE-2006-4740 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346133 - idevspot phplinkexchange PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter. NVD-CWE-Other
CVE-2006-4741 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346134 - idevspot phplinkexchange Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NVD-CWE-Other
CVE-2006-4742 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346135 - wordpress wordpress WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for (1) 404.php, (2) akismet.php, (3) archive.php, (4) archives.php, (5) attachment.php, (6)… NVD-CWE-Other
CVE-2006-4743 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346136 - abidia abidia_wireless
o-anywhere
Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing. NVD-CWE-Other
CVE-2006-4744 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346137 - scarybear pocketexpense_pro ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file… NVD-CWE-Other
CVE-2006-4745 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346138 - comscripts web_server_creator PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter. NVD-CWE-Other
CVE-2006-4746 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346139 - idevspot textads Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error paramete… NVD-CWE-Other
CVE-2006-4747 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm
346140 - f-art_agency blog_cms Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin… NVD-CWE-Other
CVE-2006-4748 2018-10-18 06:39 2006-09-14 Show GitHub Exploit DB Packet Storm