Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251521	4.6	警告	OTRS プロジェクト	-	OTRS の Kernel/System/Web/Request.pm におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-7276	2012-03-27 18:42	2011-03-18	Show	GitHub Exploit DB Packet Storm

251522	4.3	警告	OTRS プロジェクト	-	OTRS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7275	2012-03-27 18:42	2011-03-18	Show	GitHub Exploit DB Packet Storm

251523	5.8	警告	boka	-	SiteEngine の api.php におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2008-7269	2012-03-27 18:42	2010-12-1	Show	GitHub Exploit DB Packet Storm

251524	4	警告	IBM	-	IBM TDS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-6743	2012-03-27 18:42	2011-04-10	Show	GitHub Exploit DB Packet Storm

251525	6.8	警告	IBM	-	IBM TDS の get_filter_list 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-6742	2012-03-27 18:42	2011-04-10	Show	GitHub Exploit DB Packet Storm

251526	4.3	警告	monkeysaudio	-	Monkey's Audio におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2006-7245	2012-03-27 18:42	2011-05-20	Show	GitHub Exploit DB Packet Storm

251527	5	警告	PNG Development Group	-	libpng の pngwutil.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2006-7244	2012-03-27 18:42	2011-08-31	Show	GitHub Exploit DB Packet Storm

251528	5	警告	boka	-	SiteEngine の phpinfo 関数におけるシステム情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-7268	2012-03-27 18:42	2010-12-1	Show	GitHub Exploit DB Packet Storm

251529	7.5	危険	boka	-	SiteEngine における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-7267	2012-03-27 18:42	2010-12-1	Show	GitHub Exploit DB Packet Storm

251530	4.3	警告	RSAセキュリティ	-	RSA Adaptive Authentication の Shockwave Flash におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7266	2012-03-27 18:42	2010-11-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
301261	-	diy-cms	blog	Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index…	CWE-89 SQL Injection	CVE-2011-5140	2024-11-21 10:33	2012-09-1	Show	GitHub Exploit DB Packet Storm

301262	-	preprojects	business_cards_designer	SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter.	CWE-89 SQL Injection	CVE-2011-5139	2024-11-21 10:33	2012-09-1	Show	GitHub Exploit DB Packet Storm

301263	-	tforum	tforum	Cross-site scripting (XSS) vulnerability in member.php in tForum b0.915 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a viewprofile action.	CWE-79 Cross-site Scripting	CVE-2011-5138	2024-11-21 10:33	2012-09-1	Show	GitHub Exploit DB Packet Storm

301264	-	tforum	tforum	Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard…	CWE-89 SQL Injection	CVE-2011-5137	2024-11-21 10:33	2012-09-1	Show	GitHub Exploit DB Packet Storm

301265	-	epractizelabs	subscription_manager	showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter.	CWE-20 Improper Input Validation	CVE-2011-5136	2024-11-21 10:33	2012-08-31	Show	GitHub Exploit DB Packet Storm

301266	-	docebo	docebolms	Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher…	CWE-89 SQL Injection	CVE-2011-5135	2024-11-21 10:33	2012-08-31	Show	GitHub Exploit DB Packet Storm

301267	-	widgetfactorylimited	com_jce	Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arb…	NVD-CWE-Other	CVE-2011-5134	2024-11-21 10:33	2012-08-31	Show	GitHub Exploit DB Packet Storm

301268	-	mybb	mybb	Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list."	NVD-CWE-noinfo	CVE-2011-5133	2024-11-21 10:33	2012-08-31	Show	GitHub Exploit DB Packet Storm

301269	-	mybb	mybb	Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "usernames via AJAX."	CWE-79 Cross-site Scripting	CVE-2011-5132	2024-11-21 10:33	2012-08-31	Show	GitHub Exploit DB Packet Storm

301270	-	mybb	mybb	Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the …	CWE-352 Origin Validation Error	CVE-2011-5131	2024-11-21 10:33	2012-08-31	Show	GitHub Exploit DB Packet Storm