Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 25, 2025, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
189391 6.5 警告 holger schurig - DeStar の user/settings/ における destar_cfg.py へ任意の Python コードを挿入される脆弱性 CWE-94
コード・インジェクション
CVE-2008-6539 2012-09-25 17:27 2009-03-29 Show GitHub Exploit DB Packet Storm
189392 5 警告 holger schurig - DeStar における任意のユーザを追加される脆弱性 CWE-20
不適切な入力確認
CVE-2008-6538 2012-09-25 17:27 2009-03-29 Show GitHub Exploit DB Packet Storm
189393 5 警告 LightNEasy - LightNEasy の LightNEasy/lightneasy.php における管理者のパスワードハッシュを取得される脆弱性 CWE-200
情報漏えい
CVE-2008-6537 2012-09-25 17:27 2009-03-29 Show GitHub Exploit DB Packet Storm
189394 7.5 危険 paypalestores - Paypal eStores の admin/settings.php におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2008-6535 2012-09-25 17:27 2009-03-26 Show GitHub Exploit DB Packet Storm
189395 7.5 危険 NicePHPScripts.com - Nice PHP FAQ Script の Admin Panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-6525 2012-09-25 17:27 2009-03-25 Show GitHub Exploit DB Packet Storm
189396 10 危険 imatix - Xitami Web Server の SSI フィルタにおけるサービス運用妨害 (DoS) の脆弱性 CWE-134
書式文字列の問題
CVE-2008-6520 2012-09-25 17:27 2009-03-25 Show GitHub Exploit DB Packet Storm
189397 10 危険 imatix - Xitami Web Server におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題
CVE-2008-6519 2012-09-25 17:27 2009-03-25 Show GitHub Exploit DB Packet Storm
189398 7.5 危険 nick jenkin - NewsHOWLER における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-6517 2012-09-25 17:27 2009-03-25 Show GitHub Exploit DB Packet Storm
189399 5.8 警告 Ignite Realtime - Openfire の login.jsp におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認
CVE-2008-6511 2012-09-25 17:27 2009-03-23 Show GitHub Exploit DB Packet Storm
189400 5 警告 opensymphony - Apache Struts などで使用される OpenSymphony XWork におけるコンテキストオブジェクトを変更される脆弱性 CWE-20
不適切な入力確認
CVE-2008-6504 2012-09-25 17:27 2009-03-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 26, 2025, 4:08 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
278041 - the_ignition_project ignitionserver mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not allow protected operators to access channels that have been locked out by a key, which allow… NVD-CWE-Other
CVE-2005-1641 2008-09-6 05:49 2005-05-17 Show GitHub Exploit DB Packet Storm
278042 - gurgens gurgens_guest_book Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and p… NVD-CWE-Other
CVE-2005-1647 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
278043 - gurgens gurgens_ultimate_forum Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames a… NVD-CWE-Other
CVE-2005-1648 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
278044 - woppoware postmaster Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the wmm param… NVD-CWE-Other
CVE-2005-1651 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
278045 - woppoware postmaster message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to bypass authentication by modifying the email parameter. NVD-CWE-Other
CVE-2005-1652 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
278046 - woppoware postmaster Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to inject arbitrary web script or HTML via the email parameter. NVD-CWE-Other
CVE-2005-1653 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
278047 - aol instant_messenger AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag. NVD-CWE-Other
CVE-2005-1655 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
278048 - mercur mercur_messaging Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20"). NVD-CWE-Other
CVE-2005-1656 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
278049 - mercur mercur_messaging Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) dele… NVD-CWE-Other
CVE-2005-1657 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
278050 - myserver myserver Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot). NVD-CWE-Other
CVE-2005-1658 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm