Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201311	7.5	危険	Castor Project	-	2le.net Castor PHP Web Builder における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5481	2012-06-26 15:37	2006-10-24	Show	GitHub Exploit DB Packet Storm

201312	5.1	警告	Castor Project	-	2le.net Castor PHP Web Builder の lib/rs.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5480	2012-06-26 15:37	2006-10-24	Show	GitHub Exploit DB Packet Storm

201313	2.6	注意	Drupal	-	Drupal における任意のフォーム情報を取得される脆弱性	-	CVE-2006-5477	2012-06-26 15:37	2006-10-18	Show	GitHub Exploit DB Packet Storm

201314	7.5	危険	Drupal	-	Drupal におけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2006-5476	2012-06-26 15:37	2006-10-18	Show	GitHub Exploit DB Packet Storm

201315	6.8	警告	Drupal	-	Drupal の XML パーサにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5475	2012-06-26 15:37	2006-10-18	Show	GitHub Exploit DB Packet Storm

201316	2.1	注意	Avahi	-	Avahi における Avahi へのネットワーク変更を傍受される脆弱性	-	CVE-2006-5461	2012-06-26 15:37	2006-11-14	Show	GitHub Exploit DB Packet Storm

201317	7.5	危険	alex	-	Download-Engine における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5459	2012-06-26 15:37	2006-10-23	Show	GitHub Exploit DB Packet Storm

201318	4.3	警告	casinosoft	-	Casinosoft Casino Script の登録フォームにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5457	2012-06-26 15:37	2006-10-23	Show	GitHub Exploit DB Packet Storm

201319	4.3	警告	dev	-	DEV WMS の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5447	2012-06-26 15:37	2006-10-23	Show	GitHub Exploit DB Packet Storm

201320	5.1	警告	casinosoft	-	Casinosoft Casino Script の lobby/config.php における SQL インジェクションの脆弱性	-	CVE-2006-5446	2012-06-26 15:37	2006-10-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274781	-	alienvault	open_source_security_information_management	SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote …	CWE-89 SQL Injection	CVE-2009-4375	2010-05-11 13:00	2009-12-22	Show	GitHub Exploit DB Packet Storm

274782	-	mega-nerd	libsndfile	The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of se…	CWE-189 Numeric Errors	CVE-2009-4835	2010-05-11 13:00	2010-05-6	Show	GitHub Exploit DB Packet Storm

274783	-	phpscripte24	pay_per_watch_\&_bid_auktions_system	Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not pr…	CWE-79 Cross-site Scripting	CVE-2010-1854	2010-05-10 13:00	2010-05-8	Show	GitHub Exploit DB Packet Storm

274784	-	realitymedias	repairshop2	Cross-site scripting (XSS) vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to inject arbitrary web script or HTML via the prod para…	CWE-79 Cross-site Scripting	CVE-2010-1856	2010-05-10 13:00	2010-05-8	Show	GitHub Exploit DB Packet Storm

274785	-	deluxebb	deluxebb	SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when a…	CWE-89 SQL Injection	CVE-2010-1859	2010-05-10 13:00	2010-05-8	Show	GitHub Exploit DB Packet Storm

274786	-	php	php	The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an …	CWE-399 Resource Management Errors	CVE-2010-1861	2010-05-10 13:00	2010-05-8	Show	GitHub Exploit DB Packet Storm

274787	-	clantiger	clantiger	SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter.	CWE-89 SQL Injection	CVE-2010-1863	2010-05-10 13:00	2010-05-8	Show	GitHub Exploit DB Packet Storm

274788	-	festic	semanticscuttle	Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspe…	CWE-79 Cross-site Scripting	CVE-2009-4852	2010-05-10 13:00	2010-05-8	Show	GitHub Exploit DB Packet Storm

274789	-	roshan_singh	open_direct_connect_hub	Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-1147	2010-05-8 14:57	2010-04-7	Show	GitHub Exploit DB Packet Storm

274790	-	lexmark	25xxn c510 c52x c53x c540 c543 c544 c546 c73x c77x c78x c920 c935dn e120 e238 e23x e240 e240n e250 e260 e33x e34x e350 e360d e3…	The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause …	CWE-20 Improper Input Validation	CVE-2010-0101	2010-05-7 13:00	2010-05-5	Show	GitHub Exploit DB Packet Storm