Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256141	6	警告	e107.org	-	e107 の CSRF 保護メカニズムにおける管理者認証をハイジャックされる脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-5084	2012-02-17 14:43	2012-02-14	Show	GitHub Exploit DB Packet Storm

256142	7.5	危険	PHPNUKE	-	PHP-Nuke 用 Web_Links module における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5083	2012-02-17 14:42	2012-02-14	Show	GitHub Exploit DB Packet Storm

256143	4.3	警告	Bluechip Software	-	TYPO3 用 Post data records to facebook エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1087	2012-02-17 14:42	2012-02-14	Show	GitHub Exploit DB Packet Storm

256144	4.3	警告	UrlTool	-	TYPO3 用 UrlTool エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1086	2012-02-17 14:41	2012-02-14	Show	GitHub Exploit DB Packet Storm

256145	5	警告	BE User Switch	-	TYPO3 用 BE User Switch エクステンションにおける重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2012-1085	2012-02-17 14:40	2012-02-14	Show	GitHub Exploit DB Packet Storm

256146	4.3	警告	BE User Switch	-	TYPO3 用 BE User Switch エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1084	2012-02-17 14:39	2012-02-14	Show	GitHub Exploit DB Packet Storm

256147	6.8	警告	Terminal PHP Shell	-	TYPO3 用 Terminal PHP Shell エクステンションにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-1083	2012-02-17 14:38	2012-02-14	Show	GitHub Exploit DB Packet Storm

256148	3.5	注意	Terminal PHP Shell	-	TYPO3 用 Terminal PHP Shell エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1082	2012-02-17 14:37	2012-02-14	Show	GitHub Exploit DB Packet Storm

256149	4.3	警告	Roderick Braun	-	TYPO3 用 Yet another Google search エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1081	2012-02-17 14:37	2012-02-14	Show	GitHub Exploit DB Packet Storm

256150	4.3	警告	Euro Calculator	-	TYPO3 用 Euro Calculator エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1080	2012-02-17 14:36	2012-02-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246161	5.4	MEDIUM Network	chartered_accountant_\	_auditor_website_project	PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.	CWE-79 Cross-site Scripting	CVE-2018-20636	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246162	4.3	MEDIUM Network	advance_b2b_script_project	advance_b2b_script	PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.	CWE-22 Path Traversal	CVE-2018-20635	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246163	6.5	MEDIUM Network	advance_b2b_script_project	advance_b2b_script	PHP Scripts Mall Advance B2B Script 2.1.4 allows remote attackers to cause a denial of service (changed Page structure) via JavaScript code in the First Name field.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-20634	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246164	8.8	HIGH Network	advance_b2b_script_project	advance_b2b_script	PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.	CWE-352 Origin Validation Error	CVE-2018-20633	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246165	5.4	MEDIUM Network	advance_b2b_script_project	advance_b2b_script	PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting (XSS) via the FIRST NAME or LAST NAME field.	CWE-79 Cross-site Scripting	CVE-2018-20632	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246166	5.3	MEDIUM Network	website_seller_script_project	website_seller_script	PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.	CWE-22 Path Traversal	CVE-2018-20631	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246167	5.3	MEDIUM Network	advance_crowdfunding_script_project	advance_crowdfunding_script	PHP Scripts Mall Advance Crowdfunding Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.	CWE-22 Path Traversal	CVE-2018-20630	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246168	5.3	MEDIUM Network	charity_donation_script_project	charity_donation_script	PHP Scripts Mall Charity Donation Script readymadeb2bscript has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.	CWE-22 Path Traversal	CVE-2018-20629	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246169	7.5	HIGH Network	charity_foundation_script_project	charity_foundation_script	PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.	CWE-22 Path Traversal	CVE-2018-20628	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm

246170	5.4	MEDIUM Network	consumer_reviews_script_project	consumer_reviews_script	PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box.	CWE-79 Cross-site Scripting	CVE-2018-20627	2024-11-21 13:01	2019-03-22	Show	GitHub Exploit DB Packet Storm