Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252061 6.5 警告 bouzouste - Primitive CMS の cms_write.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3482 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
252062 6.8 警告 ApPHP - ApPHP PHP MicroCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3481 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
252063 4.3 警告 g.rodola - pyftpdlib の FTPHandler クラスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態 		CVE-2010-3494 2012-03-27 18:42 2009-04-1 Show GitHub Exploit DB Packet Storm
252064 6.8 警告 ApPHP - ApPHP PHP MicroCMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3480 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
252065 7.5 危険 boutikone - BoutikOne の list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3479 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
252066 5 警告 OTRS プロジェクト - OTRS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3476 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
252067 5.8 警告 IBM - IBM FileNet P8AE の Workplace コンポーネントにおけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3473 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
252068 4.3 警告 IBM - IBM FileNet P8AE の Workplace コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3472 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
252069 4.3 警告 IBM - IBM FileNet P8AE の Workplace コンポーネントにおけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2010-3471 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
252070 4.3 警告 IBM - IBM FileNet P8AE の Workplace コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3470 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246381 5.4 MEDIUM
Network 		php_template_store_script_project php_template_store_script PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Address Line 2, Bank name, or A/C Holder name field in a profile. CWE-79
Cross-site Scripting 		CVE-2018-14869 2024-11-21 12:49 2018-08-7 Show GitHub Exploit DB Packet Storm
246382 8.8 HIGH
Network 		ocsinventory-ng ocs_inventory_server Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access t… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2018-14857 2024-11-21 12:49 2018-08-7 Show GitHub Exploit DB Packet Storm
246383 7.5 HIGH
Network 		nystudio107 seomatic A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can… CWE-94
Code Injection 		CVE-2018-14716 2024-11-21 12:49 2018-08-7 Show GitHub Exploit DB Packet Storm
246384 8.8 HIGH
Network 		otrs
debian 		open_ticket_request_system
debian_linux 		An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their pr… NVD-CWE-noinfo
CVE-2018-14593 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246385 5.4 MEDIUM
Network 		readymadeb2bscript basic_b2b PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. CWE-79
Cross-site Scripting 		CVE-2018-14541 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246386 5.4 MEDIUM
Network 		tendacn d152_firmware Tenda D152 ADSL routers allow XSS via a crafted SSID. CWE-79
Cross-site Scripting 		CVE-2018-14497 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246387 9.1 CRITICAL
Network 		ocsinventory-ng ocsinventory_ng OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate i… CWE-611
XXE 		CVE-2018-14473 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246388 9.8 CRITICAL
Network 		softnas cloud A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the s… CWE-78
OS Command  		CVE-2018-14417 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246389 9.8 CRITICAL
Network 		tecrail responsive_filemanager upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2018-14728 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246390 7.5 HIGH
Network 		cryptogs cryptogs The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can pre… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2018-14715 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm