Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250881	6	警告	baconmap	-	BaconMap の admin/updatelist.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4801	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250882	7.5	危険	baconmap	-	BaconMap の doadd.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4800	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250883	6.8	警告	Chipmunk Scripts	-	Chipmunk Pwngame における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4799	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250884	6.8	警告	OrangeHRM	-	OrangeHRM におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4798	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250885	7.5	危険	truworthit	-	Truworth Flex Timesheet のログインフォームにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4797	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250886	7.5	危険	phpyun	-	PHPYun における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4796	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250887	7.5	危険	joomlaseller Joomla!	-	Joomla! の com_jscalendar コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4795	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250888	4.3	警告	joomlaseller Joomla!	-	Joomla! の com_jscalendar コンポーネントにおけるクロスサイトスクリプティング脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4794	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250889	7.5	危険	site2nite	-	Site2Nite Auto e-Manager の detail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4793	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

250890	4.3	警告	openit	-	OPEN IT OverLook の title.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4792	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306551	-	gambio	xt\	SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.	CWE-89 SQL Injection	CVE-2010-4954	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306552	-	jw_calendar	jw_calendar	Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.	NVD-CWE-noinfo	CVE-2010-4953	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306553	-	joachim_ruhs	festat	SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2010-4952	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306554	-	thomas_mammitzsch	vx_xajax_shoutbox	Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vect…	CWE-79 Cross-site Scripting	CVE-2010-4951	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306555	-	joachim_ruhs	event	SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2010-4950	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306556	-	evnix	freichat freichatpure	Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary…	CWE-79 Cross-site Scripting	CVE-2010-4949	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306557	-	phpgalleryscript	php_free_photo_gallery	PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.	CWE-94 Code Injection	CVE-2010-4948	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306558	-	allpcscript	allpc	Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.	CWE-79 Cross-site Scripting	CVE-2010-4947	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306559	-	allpcscript	allpc	SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.	CWE-89 SQL Injection	CVE-2010-4946	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

306560	-	joomla	com_camelcitydb2	SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.	CWE-89 SQL Injection	CVE-2010-4945	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm