Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 25, 2026, 10:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250281	7.8	危険	Bradford Networks	-	Bradford CampusManager Network Control Application Server における重要な情報を取得される脆弱性	-	CVE-2007-2629	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250282	6.8	警告	aiocp	-	AIOCP の shared/code/cp_authorization.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2625	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250283	6.8	警告	aiocp	-	AIOCP の shared/config/cp_config.php におけるクロスサイトスクリプティング攻撃を誘発する脆弱性	-	CVE-2007-2624	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250284	7.8	危険	fruit2004	-	Remote Display Dev キットの RControl.dll におけるバッファオーバーフローの脆弱性	-	CVE-2007-2623	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250285	7.5	危険	extrovert software	-	Thyme Calendar の event_view.php における SQL インジェクションの脆弱性	-	CVE-2007-2621	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250286	5.1	警告	drake team	-	Drake CMS の index.php における CRLF インジェクションの脆弱性	-	CVE-2007-2618	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250287	7.5	危険	crie sue	-	Crie seu PHPLojaFacil における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2615	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250288	6.8	警告	cgx	-	CGX における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2611	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250289	7.5	危険	gnuedu	-	gnuedu における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2609	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

250290	7.8	危険	Firebird Project	-	Firebird におけるバッファオーバーフローの脆弱性	-	CVE-2007-2606	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
280141	-	ajaxplorer	ajaxplorer	Directory traversal vulnerability in AjaXplorer 2.0 allows remote attackers to read arbitrary files via unspecified vectors.	CWE-22 Path Traversal	CVE-2015-5650	2024-11-21 11:33	2015-10-6	Show	GitHub Exploit DB Packet Storm

280142	-	icz	matchasns	ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtain administrative privileges via unspecified vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5645	2024-11-21 11:33	2015-10-6	Show	GitHub Exploit DB Packet Storm

280143	-	icz	matchasns	The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors.	CWE-94 Code Injection	CVE-2015-5644	2024-11-21 11:33	2015-10-6	Show	GitHub Exploit DB Packet Storm

280144	-	icz	matchasns	The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors.	CWE-94 Code Injection	CVE-2015-5643	2024-11-21 11:33	2015-10-6	Show	GitHub Exploit DB Packet Storm

280145	-	icz	matchasns	Multiple SQL injection vulnerabilities in ICZ MATCHA INVOICE before 2.5.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2015-5642	2024-11-21 11:33	2015-10-6	Show	GitHub Exploit DB Packet Storm

280146	-	basercms	basercms	SQL injection vulnerability in baserCMS before 3.0.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2015-5641	2024-11-21 11:33	2015-10-6	Show	GitHub Exploit DB Packet Storm

280147	-	basercms	basercms	baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5640	2024-11-21 11:33	2015-10-6	Show	GitHub Exploit DB Packet Storm

280148	-	anchorcms	anchor_cms	system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie.	CWE-94 Code Injection	CVE-2015-5687	2024-11-21 11:33	2015-10-5	Show	GitHub Exploit DB Packet Storm

280149	-	dotclear	dotclear	Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2015-5651	2024-11-21 11:33	2015-10-4	Show	GitHub Exploit DB Packet Storm

280150	-	canarylabs	trendweb	Buffer overflow in Canary Labs Trend Web Server before 9.5.2 allows remote attackers to execute arbitrary code via a crafted TCP packet.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-5653	2024-11-21 11:33	2015-10-3	Show	GitHub Exploit DB Packet Storm