Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225461 5 警告 XOOPS - XOOPS の Profiles モジュールにおける管理者による承認を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4851 2012-12-20 19:28 2009-11-11 Show GitHub Exploit DB Packet Storm
225462 7.5 危険 phplivesupport - PHP Live! における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4749 2012-12-20 19:28 2010-03-26 Show GitHub Exploit DB Packet Storm
225463 7.5 危険 Tecnick.com - AIOCP の public/code/cp_html2xhtmlbasic.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4747 2012-12-20 19:28 2010-03-26 Show GitHub Exploit DB Packet Storm
225464 10 危険 Skype Technologies S.A. - Windows 上で稼動する Skype の Extras Manager における脆弱性 CWE-noinfo
情報不足 		CVE-2009-4741 2012-12-20 19:28 2010-03-26 Show GitHub Exploit DB Packet Storm
225465 7.5 危険 TYPO3 Association - TYPO3 用の Webesse E-Card エクステンションにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4740 2012-12-20 19:28 2010-03-26 Show GitHub Exploit DB Packet Storm
225466 6.8 警告 skadate - SkaDate Dating の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4739 2012-12-20 19:28 2010-03-26 Show GitHub Exploit DB Packet Storm
225467 4.3 警告 sensesites - CommonSense CMS の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4736 2012-12-20 19:28 2010-03-23 Show GitHub Exploit DB Packet Storm
225468 6.8 警告 supercrackmunkey - SimpleLoginSys の checkuser.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4733 2012-12-20 19:28 2010-03-18 Show GitHub Exploit DB Packet Storm
225469 6.8 警告 technotoad - TT Web Site Manager の tt/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4732 2012-12-20 19:28 2010-03-18 Show GitHub Exploit DB Packet Storm
225470 7.5 危険 x10media - x10 Adult Media Script の report.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4730 2012-12-20 19:28 2010-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349431 - php_heaven phpmychat PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-2718 2008-09-6 05:44 2004-12-31 Show GitHub Exploit DB Packet Storm
349432 - mailenable mailenable HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and appli… NVD-CWE-Other
CVE-2004-2726 2008-09-6 05:44 2004-12-31 Show GitHub Exploit DB Packet Storm
349433 - linux linux_kernel Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arb… CWE-189
Numeric Errors 		CVE-2004-2731 2008-09-6 05:44 2004-12-31 Show GitHub Exploit DB Packet Storm
349434 - zen_cart zen_cart SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter. NVD-CWE-Other
CVE-2004-2025 2008-09-6 05:43 2004-12-31 Show GitHub Exploit DB Packet Storm
349435 - - - The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) allows local users to execute arbitrary commands by opening the AClient tray icon and using the View Log File option, a different vul… NVD-CWE-Other
CVE-2004-2070 2008-09-6 05:43 2004-12-31 Show GitHub Exploit DB Packet Storm
349436 - microsoft baseline_security_analyzer Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administr… NVD-CWE-Other
CVE-2004-2091 2008-09-6 05:43 2004-02-10 Show GitHub Exploit DB Packet Storm
349437 - symantec norton_antivirus Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage ret… NVD-CWE-Other
CVE-2004-2147 2008-09-6 05:43 2004-12-31 Show GitHub Exploit DB Packet Storm
349438 - xmlstarlet command_line_xml_toolkit Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code. NVD-CWE-Other
CVE-2004-2160 2008-09-6 05:43 2004-12-31 Show GitHub Exploit DB Packet Storm
349439 - microsoft windows_xp The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that byp… NVD-CWE-Other
CVE-2004-2176 2008-09-6 05:43 2004-12-31 Show GitHub Exploit DB Packet Storm
349440 - devoybb devoybb_web_forum Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NVD-CWE-Other
CVE-2004-2177 2008-09-6 05:43 2004-12-31 Show GitHub Exploit DB Packet Storm