Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195931 7.5 危険 bartels-schoene - Bartels Schone ConPresso の firma.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2124 2012-06-26 16:19 2010-06-1 Show GitHub Exploit DB Packet Storm
195932 2.6 注意 brekeke - Brekeke PBX の pbx/gate におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-2114 2012-06-26 16:19 2010-05-28 Show GitHub Exploit DB Packet Storm
195933 4.3 警告 Apache Software Foundation - SAP Business Objects などで使用される Apache Axis2/Java の axis2-admin/axis2-admin/engagingglobally におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2103 2012-06-26 16:19 2010-05-27 Show GitHub Exploit DB Packet Storm
195934 7.5 危険 e107.org - e107 の bbcode/php.bb における PHP リモートファイルインクルージョンの脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2099 2012-06-26 16:19 2010-05-27 Show GitHub Exploit DB Packet Storm
195935 7.5 危険 e107.org - e107 の usersettings.php におけるSQL インジェクション攻撃を誘発される脆弱性 CWE-Other
その他 		CVE-2010-2098 2012-06-26 16:19 2010-05-27 Show GitHub Exploit DB Packet Storm
195936 7.5 危険 cmsqlite - CMSQlite の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-2096 2012-06-26 16:19 2010-05-27 Show GitHub Exploit DB Packet Storm
195937 7.5 危険 cmsqlite - CMSQlite の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2095 2012-06-26 16:19 2010-05-27 Show GitHub Exploit DB Packet Storm
195938 7.5 危険 The Cacti Group - Cacti の graph.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2092 2012-06-26 16:19 2010-05-27 Show GitHub Exploit DB Packet Storm
195939 4 警告 Apache Software Foundation - IBM WebSphere Application Server などで使用される Apache MyFaces における任意の EL 宣言文を実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2086 2012-06-26 16:19 2010-05-27 Show GitHub Exploit DB Packet Storm
195940 5 警告 シスコシステムズ - Cisco Scientific Atlanta WebSTAR DPC2100R2 ケーブルモデムの Web インターフェースにおける特権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-2082 2012-06-26 16:19 2010-05-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269551 - tunez tunez Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow remote attackers to execute arbitrary SQL queries. NVD-CWE-Other
CVE-2004-2349 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269552 - phpbb_group phpbb SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter. NVD-CWE-Other
CVE-2004-2350 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269553 - martin_bauer gbook Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) name, (2) email, (3) city, and… NVD-CWE-Other
CVE-2004-2351 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269554 - martin_bauer gbook Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $_COOKIE PHP variable, which is no… NVD-CWE-Other
CVE-2004-2352 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269555 - - - BugPort before 1.099 stores its configuration file (conf/config.conf) under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to ob… NVD-CWE-Other
CVE-2004-2353 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269556 - francisco_burzi
warpspeed 		php-nuke
4nguestbook 		SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-s… NVD-CWE-Other
CVE-2004-2354 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269557 - crafty_syntax_live_help crafty_syntax_live_help Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session. NVD-CWE-Other
CVE-2004-2355 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269558 - fizmez fizmez_web_server Early termination vulnerability in Fizmez Web Server 1.0 allows remote attackers to cause a denial of service (crash) by connecting to the server and then disconnecting without sending any data, whic… NVD-CWE-Other
CVE-2004-2356 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269559 - proofpoint proofpoint_protection_server The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database. NVD-CWE-Other
CVE-2004-2357 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
269560 - - - Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB 2.0.6c allows remote attackers to inject arbitrary web script or HTML via the id parameter. NVD-CWE-Other
CVE-2004-2358 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm