Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194701 6 警告 OBM - Open Business Management の exportcsv/exportcsv_index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-5141 2012-09-5 11:09 2012-08-31 Show GitHub Exploit DB Packet Storm
194702 7.5 危険 diy-cms - DiY-CMS 用 blog モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5140 2012-09-5 11:05 2012-08-31 Show GitHub Exploit DB Packet Storm
194703 7.5 危険 PreProject.com - Pre Studio Business Cards Designer の page.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5139 2012-09-5 11:00 2012-08-31 Show GitHub Exploit DB Packet Storm
194704 4.3 警告 tForum - tForum の member.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5138 2012-09-5 10:59 2012-08-31 Show GitHub Exploit DB Packet Storm
194705 7.5 危険 tForum - tForum における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5137 2012-09-5 10:58 2012-08-31 Show GitHub Exploit DB Packet Storm
194706 9.3 危険 Viscom Software - Viscom Image Viewer CP Pro および Gold におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-5194 2012-09-5 10:57 2012-08-31 Show GitHub Exploit DB Packet Storm
194707 9.3 危険 Viscom Software - Viscom Image Viewer CP Pro および Gold におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-5193 2012-09-5 10:55 2012-08-31 Show GitHub Exploit DB Packet Storm
194708 4.3 警告 バラクーダネットワークス - Barracuda SSL VPN におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4739 2012-09-5 10:06 2012-07-16 Show GitHub Exploit DB Packet Storm
194709 5 警告 GNU Gatekeeper - GNU Gatekeeper におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-3534 2012-09-5 10:05 2012-08-31 Show GitHub Exploit DB Packet Storm
194710 5 警告 oVirt - oVirt 用 python SDK および CLI におけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2012-3533 2012-09-5 10:03 2012-08-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 13, 2025, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
270131 - - - The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files. NVD-CWE-Other
CVE-2004-1408 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270132 - gadu-gadu gadu-gadu_instant_messenger Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters. NVD-CWE-Other
CVE-2004-1411 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270133 - kayako esupport Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter. NVD-CWE-Other
CVE-2004-1412 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270134 - kayako esupport Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 … NVD-CWE-Other
CVE-2004-1413 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270135 - ben3w 2bgal SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5.1 allows remote attackers to execute arbitrary SQL commands via the id_album parameter. NVD-CWE-Other
CVE-2004-1415 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270136 - - - Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an e-mail address, which is not quoted when a parsing error … NVD-CWE-Other
CVE-2004-1418 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270137 - zeroboard zeroboard PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parame… CWE-94
Code Injection 		CVE-2004-1419 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270138 - zeroboard zeroboard requires that register_globals be enabled CWE-94
Code Injection 		CVE-2004-1419 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270139 - whm autopilot Multiple cross-site scripting (XSS) vulnerabilities in header.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) site_title or (2) http… NVD-CWE-Other
CVE-2004-1420 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
270140 - whm whm_autopilot Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) step_two_tables.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to execute arbitrary … NVD-CWE-Other
CVE-2004-1421 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm