Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227161 7.5 危険 vunet - VU Web Visitor Analyst の redir.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2338 2012-12-20 19:29 2010-06-18 Show GitHub Exploit DB Packet Storm
227162 6 警告 RSAセキュリティ - RSA Federated Identity Manager におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2337 2012-12-20 19:29 2010-07-28 Show GitHub Exploit DB Packet Storm
227163 5 警告 yamamah - Yamamah Photo Gallery の index.php における実行ファイルのソースコードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-2336 2012-12-20 19:29 2010-06-18 Show GitHub Exploit DB Packet Storm
227164 7.5 危険 yamamah - Yamamah Photo Gallery の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2335 2012-12-20 19:29 2010-06-18 Show GitHub Exploit DB Packet Storm
227165 5 警告 yamamah - Yamamah Photo Gallery の themes/default/download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-2334 2012-12-20 19:29 2010-06-18 Show GitHub Exploit DB Packet Storm
227166 9.3 危険 upRedSun Corporation - iSharer File Sharing Wizard におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2331 2012-12-20 19:29 2010-06-18 Show GitHub Exploit DB Packet Storm
227167 9.3 危険 upRedSun Corporation - iSharer File Sharing Wizard におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2330 2012-12-20 19:29 2010-06-18 Show GitHub Exploit DB Packet Storm
227168 9.3 危険 rosoftengineering - Rosoft Audio Converter におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2329 2012-12-20 19:29 2010-06-18 Show GitHub Exploit DB Packet Storm
227169 4.3 警告 phpcityportal - PHPCityPortal の cms_data.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2318 2012-12-20 19:29 2010-06-17 Show GitHub Exploit DB Packet Storm
227170 7.5 危険 wmsdesign - WmsCms における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2317 2012-12-20 19:29 2010-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224961 6.1 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an unsanitized "file" variable coming from the URL, which is reflected in HTML, leading to XSS. CWE-79
Cross-site Scripting 		CVE-2019-16991 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224962 6.1 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file app\conferences_active\conference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS. CWE-79
Cross-site Scripting 		CVE-2019-16989 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224963 6.1 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file app\basic_operator_panel\resources\content.php uses an unsanitized "eavesdrop_dest" variable coming from the URL, which is reflected on 3 occasions in HTML, leadin… CWE-79
Cross-site Scripting 		CVE-2019-16988 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224964 6.1 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file app\contacts\contact_import.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS. CWE-79
Cross-site Scripting 		CVE-2019-16987 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224965 6.5 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. (resources\secure_download.php i… CWE-22
Path Traversal 		CVE-2019-16986 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224966 6.5 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file app\xml_cdr\xml_cdr_delete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system. CWE-22
Path Traversal 		CVE-2019-16985 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224967 6.1 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS. CWE-79
Cross-site Scripting 		CVE-2019-16984 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224968 6.1 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the UR… CWE-79
Cross-site Scripting 		CVE-2019-16983 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224969 6.1 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file app\access_controls\access_control_nodes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS. CWE-79
Cross-site Scripting 		CVE-2019-16982 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm
224970 6.1 MEDIUM
Network 		fusionpbx fusionpbx In FusionPBX up to v4.5.7, the file app\conference_profiles\conference_profile_params.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to … CWE-79
Cross-site Scripting 		CVE-2019-16981 2024-11-21 13:31 2019-10-22 Show GitHub Exploit DB Packet Storm