Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
254911 7.5 危険 XWiki - XWiki Enterprise における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4641 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254912 4.3 警告 XWiki - XWiki Watch におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4640 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254913 7.5 危険 intendance - MySource Matrix の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4639 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254914 6.8 警告 iptechinside - JQuarks4s コンポーネントの submitSurvey 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4638 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254915 4.3 警告 finalcut - WordPress の FeedList プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4637 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254916 7.5 危険 site2nite - Site2Nite Business e-Listings の detail.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4636 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254917 7.5 危険 site2nite - Site2Nite VRBO Listings の detail.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4635 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254918 7.5 危険 sumeffect - digiSHOP の cart.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4633 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254919 7.5 危険 PilotCart - ASPilot Pilot Cart における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4632 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
254920 4.3 警告 PilotCart - ASPilot Pilot Cart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4631 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345551 - tugzip tugzip Multiple directory traversal vulnerabilities in Christian Kindahl TUGZip 3.4.0.0, 3.3.0.0, and 3.1.0.2 allow user-assisted attackers to create files in arbitrary directories via a .. (dot dot) in an … NVD-CWE-Other
CVE-2006-1715 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345552 - mybulletinboard mybulletinboard Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode… NVD-CWE-Other
CVE-2006-1716 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345553 - mybulletinboard mybulletinboard Successful exploitation requires that unauthenticated users are allowed to post new threads (not the default setting). NVD-CWE-Other
CVE-2006-1716 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345554 - mybulletinboard mybulletinboard Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary … NVD-CWE-Other
CVE-2006-1717 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345555 - mybulletinboard mybulletinboard Successful exploitation requires that unauthenticated users are allowed to post new threads (not the default setting). NVD-CWE-Other
CVE-2006-1717 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345556 - clever_copy clever_copy Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via … NVD-CWE-Other
CVE-2006-1718 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345557 - microsoft ie Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property. NVD-CWE-Other
CVE-2006-1719 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345558 - arabless saphplesson Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue … NVD-CWE-Other
CVE-2006-1720 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345559 - cyrus sasl digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of se… CWE-20
 Improper Input Validation 
CVE-2006-1721 2018-10-19 01:34 2006-04-12 Show GitHub Exploit DB Packet Storm
345560 - mozilla firefox
seamonkey
thunderbird
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via u… NVD-CWE-Other
CVE-2006-1723 2018-10-19 01:34 2006-04-14 Show GitHub Exploit DB Packet Storm