|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
Update Date":July 1, 2026, 4:01 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 251991 | 7.5 | 危険 | Etomite Project | - | Etomite CMS におけるファイルをアップロードされる脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2006-7070 | 2012-06-26 15:38 | 2007-03-2 | Show | GitHub Exploit DB Packet Storm |
| 251992 | 6.6 | 警告 | GNU Project レッドハット |
- | Fedora Core の libltdl.so における任意のコードを実行される脆弱性 | - | CVE-2006-7151 | 2012-06-26 15:38 | 2006-10-8 | Show | GitHub Exploit DB Packet Storm |
| 251993 | 5.5 | 警告 | Drupal | - | Drupal の IMCE モジュールの delete 関数におけるディレクトリトラバーサルの脆弱性 | - | CVE-2006-7110 | 2012-06-26 15:38 | 2006-10-2 | Show | GitHub Exploit DB Packet Storm |
| 251994 | 6.5 | 警告 | Drupal | - | Drupal の IMCE モジュールにおける任意の PHP コードをアップロードされる脆弱性 | - | CVE-2006-7109 | 2012-06-26 15:38 | 2006-10-2 | Show | GitHub Exploit DB Packet Storm |
| 251995 | 6.6 | 警告 | Debian | - | Apache HTTP Server における tty 端末への権限を取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2006-7098 | 2012-06-26 15:38 | 2006-03-18 | Show | GitHub Exploit DB Packet Storm |
| 251996 | 8.5 | 危険 | Gentoo Linux Debian |
- | Gentoo などで使用される ftpd における gid 0 の権限を持つ任意のディレクトリを一覧にされる脆弱性 | - | CVE-2006-7094 | 2012-06-26 15:38 | 2006-11-15 | Show | GitHub Exploit DB Packet Storm |
| 251997 | 7.5 | 危険 | cliserv | - | CliServ Web Community における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-7068 | 2012-06-26 15:38 | 2007-03-2 | Show | GitHub Exploit DB Packet Storm |
| 251998 | 6.8 | 警告 | dreamcost | - | DreamCost HostAdmin における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-7056 | 2012-06-26 15:38 | 2007-02-23 | Show | GitHub Exploit DB Packet Storm |
| 251999 | 7.5 | 危険 | Claroline Consortium | - | Claroline における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-7048 | 2012-06-26 15:38 | 2007-02-23 | Show | GitHub Exploit DB Packet Storm |
| 252000 | 9.3 | 危険 | clan manager pro | - | CMPRO 用 cmpro.intern/login.inc.php における PHP リモートファイルインクルージョンの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2006-7046 | 2012-06-26 15:38 | 2007-02-23 | Show | GitHub Exploit DB Packet Storm |
Update Date:July 1, 2026, 4:27 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 254751 | 5.4 |
MEDIUM
Network |
iscripts | supportdesk | iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult.php txtinteligentsearch parameter. |
CWE-79
Cross-site Scripting |
CVE-2018-10051 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254752 | 7.2 |
HIGH
Network |
iscripts | eswap | iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel. |
CWE-89
SQL Injection |
CVE-2018-10050 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254753 | 4.8 |
MEDIUM
Network |
iscripts | eswap | iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin Panel. |
CWE-79
Cross-site Scripting |
CVE-2018-10049 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254754 | 8.8 |
HIGH
Network |
iscripts | eswap | iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel. |
CWE-352
Origin Validation Error |
CVE-2018-10048 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254755 | 4.8 |
MEDIUM
Network |
cmsmadesimple | cms_made_simple | CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.php via the metadata parameter. |
CWE-79
Cross-site Scripting |
CVE-2018-10033 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254756 | 4.8 |
MEDIUM
Network |
cmsmadesimple | cms_made_simple | CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_version parameter. |
CWE-79
Cross-site Scripting |
CVE-2018-10032 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254757 | 8.8 |
HIGH
Network |
cmsmadesimple | cms_made_simple | CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/moduleinterface.php. |
CWE-352
Origin Validation Error |
CVE-2018-10031 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254758 | 8.8 |
HIGH
Network |
cmsmadesimple | cms_made_simple | CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php. |
CWE-352
Origin Validation Error |
CVE-2018-10030 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254759 | 4.8 |
MEDIUM
Network |
cmsmadesimple | cms_made_simple | CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_name parameter, related to moduledepends, a different vulnerability than CVE-2017-16799. |
CWE-79
Cross-site Scripting |
CVE-2018-10029 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |
| 254760 | 5.3 |
MEDIUM
Network |
joyplus-cms_project | joyplus-cms | joyplus-cms 1.6.0 allows remote attackers to obtain sensitive information via a direct request to the install/ or log/ URI. |
CWE-200
Information Exposure |
CVE-2018-10028 | 2024-11-21 12:40 | 2018-04-12 | Show | GitHub Exploit DB Packet Storm |