Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226861	4.3	警告	xigla	-	Xigla Absolute Control Panel XE の admin/users.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2756	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

226862	7.1	危険	サン・マイクロシステムズ	-	Sun Java System Calendar Server などの cshttpd におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2008-2749	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

226863	5	警告	skulltag team	-	Skulltag におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-2748	2012-12-20 18:52	2008-06-18	Show	GitHub Exploit DB Packet Storm

226864	4.3	警告	vBulletin Solutions, Inc.	-	vBulletin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2744	2012-12-20 18:52	2008-06-9	Show	GitHub Exploit DB Packet Storm

226865	4.3	警告	Xerox	-	Xerox 4110 などの Copier/Printers の組み込み Web サーバにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2743	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

226866	4.3	警告	TYPO3 Association	-	TYPO3 の fe_adminlib.inc におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2718	2012-12-20 18:52	2008-06-16	Show	GitHub Exploit DB Packet Storm

226867	9.3	危険	サン・マイクロシステムズ	-	Sun Java System AM における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-2705	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

226868	4.3	警告	web-album	-	WEBalbum の photo_add-c.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2698	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

226869	7.5	危険	phpinv	-	phpInv の entry.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2695	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

226870	4.3	警告	phpinv	-	phpInv の search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2694	2012-12-20 18:52	2008-06-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
721	3.5	LOW Network	-	-	A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the arg… New	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-7390	2026-04-30 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

722	7.3	HIGH Network	-	-	A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The manipulation of the argument sort_asc leads… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7389	2026-04-30 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

723	4.7	MEDIUM Network	-	-	A weakness has been identified in EyouCMS up to 1.7.9. Impacted is the function editFile of the file application/admin/logic/FilemanagerLogic.php of the component Template File Handler. Executing a m… New	CWE-74 CWE-94 Injection Code Injection	CVE-2026-7388	2026-04-30 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

724	7.3	HIGH Network	-	-	A flaw has been found in fatbobman mail-mcp-bridge up to 1.3.3. Affected is an unknown function of the file src/mail_mcp_server.py. Executing a manipulation of the argument message_ids can lead to pa… New	CWE-22 Path Traversal	CVE-2026-7386	2026-04-30 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

725	8.8	HIGH Network	-	-	Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Com… New	CWE-78 OS Command	CVE-2026-6849	2026-04-30 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

726	-		-	-	http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence </script> inside the gen… Update	CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences	CVE-2026-6019	2026-04-30 01:16	2026-04-23	Show	GitHub Exploit DB Packet Storm

727	9.6	CRITICAL Network	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. … New	CWE-22 Path Traversal	CVE-2026-5166	2026-04-30 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

728	8.8	HIGH Network	-	-	Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Hijacking… New	CWE-266 CWE-269 CWE-284 Incorrect Privilege Assignment Improper Privilege Management Improper Access Control	CVE-2026-5141	2026-04-30 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

729	-		-	-	If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different tha… New	CWE-22 Path Traversal	CVE-2026-3087	2026-04-30 01:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

730	-		-	-	Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads d… New	-	CVE-2026-38993	2026-04-30 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm