Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
252611 7.5 危険 chumpsoft - phpQ の inc/ifunctions.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4966 2012-06-26 15:37 2006-09-24 Show GitHub Exploit DB Packet Storm
252612 6.4 警告 Exponent CMS project - Exponent CMS の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4963 2012-06-26 15:37 2006-09-23 Show GitHub Exploit DB Packet Storm
252613 6.4 警告 blue dragon - Php Blue Dragon の pbd_engine.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4962 2012-06-26 15:37 2006-09-23 Show GitHub Exploit DB Packet Storm
252614 7.5 危険 blue dragon - Php Blue Dragon の GetModuleConfig 関数における SQL インジェクションの脆弱性 - CVE-2006-4961 2012-06-26 15:37 2006-09-23 Show GitHub Exploit DB Packet Storm
252615 6.8 警告 blue dragon - Php Blue Dragon の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4960 2012-06-26 15:37 2006-09-23 Show GitHub Exploit DB Packet Storm
252616 4.3 警告 Drupal - Drupal の Site Profile Directory におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4949 2012-06-26 15:37 2006-09-20 Show GitHub Exploit DB Packet Storm
252617 6.8 警告 Drupal - Drupal の Search Keywords モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4947 2012-06-26 15:37 2006-09-20 Show GitHub Exploit DB Packet Storm
252618 5.1 警告 cmsdevelopment - BCWB の include/startup.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4946 2012-06-26 15:37 2006-09-22 Show GitHub Exploit DB Packet Storm
252619 5.1 警告 cardway - Cardway DigitalWebShop における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4945 2012-06-26 15:37 2006-09-22 Show GitHub Exploit DB Packet Storm
252620 7.5 危険 boesch-it - ProgSys の includes/pear/Net/DNS/RR.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4944 2012-06-26 15:37 2006-09-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
245931 2.3 LOW
Local
cpanel cpanel cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). CWE-20
 Improper Input Validation 
CVE-2018-20893 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245932 4.3 MEDIUM
Network
cpanel cpanel cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439). NVD-CWE-noinfo
CVE-2018-20892 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245933 5.5 MEDIUM
Local
cpanel cpanel cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436). CWE-20
 Improper Input Validation 
CVE-2018-20891 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245934 4.3 MEDIUM
Network
cpanel cpanel cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426). CWE-284
Improper Access Control
CVE-2018-20890 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245935 4.4 MEDIUM
Local
cpanel cpanel cPanel before 74.0.0 allows certain file-read operations via password file caching (SEC-425). CWE-200
Information Exposure
CVE-2018-20889 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245936 5.5 MEDIUM
Local
cpanel cpanel cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424). CWE-287
Improper Authentication
CVE-2018-20888 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245937 9.8 CRITICAL
Network
cpanel cpanel cPanel before 74.0.0 allows SQL injection during database backups (SEC-420). CWE-89
SQL Injection
CVE-2018-20887 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245938 5.3 MEDIUM
Local
cpanel cpanel cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418). CWE-922
 Insecure Storage of Sensitive Information
CVE-2018-20886 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245939 5.3 MEDIUM
Network
cpanel cpanel cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416). CWE-74
Injection
CVE-2018-20885 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm
245940 5.4 MEDIUM
Network
cpanel cpanel cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367). CWE-79
Cross-site Scripting
CVE-2018-20884 2024-11-21 13:02 2019-08-1 Show GitHub Exploit DB Packet Storm