Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227241	6.8	警告	projectcms	-	ProjectCMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1500	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

227242	5	警告	webfileexplorer	-	Web File Explorer におけるデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-1495	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

227243	5	警告	Sendmail Consortium	-	Sendmail におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-1490	2012-12-20 19:10	2009-05-5	Show	GitHub Exploit DB Packet Storm

227244	7.5	危険	rens rikkerink	-	Fungamez の includes/user.php における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2009-1489	2012-12-20 19:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

227245	6.8	警告	rens rikkerink	-	FunGamez の admin/load.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-1488	2012-12-20 19:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

227246	7.5	危険	rens rikkerink	-	FunGamez の pages/login.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1487	2012-12-20 19:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

227247	6.8	警告	studiolounge	-	index2.php から到達可能な Adam Patterson Studio Lounge Address Book における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2009-1483	2012-12-20 19:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

227248	7.5	危険	pjhome	-	PJBlog3 の action.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1481	2012-12-20 19:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

227249	7.5	危険	Pragyan CMS Project	-	index.php Pragyan CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1480	2012-12-20 19:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

227250	7.5	危険	razorCMS	-	razorCMS における任意のページへ任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2009-1463	2012-12-20 19:10	2009-04-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
224311	5.3	MEDIUM Network	limesurvey	limesurvey	Limesurvey before 3.17.14 allows remote attackers to bruteforce the login form and enumerate usernames when the LDAP authentication method is used.	NVD-CWE-noinfo	CVE-2019-16180	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224312	5.3	MEDIUM Network	limesurvey	limesurvey	Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration.	CWE-295 Improper Certificate Validation	CVE-2019-16179	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224313	5.4	MEDIUM Network	limesurvey	limesurvey	A stored cross-site scripting (XSS) vulnerability was found in Limesurvey before 3.17.14 that allows authenticated users with correct permissions to inject arbitrary web script or HTML via titles of …	CWE-79 Cross-site Scripting	CVE-2019-16178	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224314	7.5	HIGH Network	limesurvey	limesurvey	In Limesurvey before 3.17.14, the entire database is exposed through browser caching.	CWE-200 Information Exposure	CVE-2019-16177	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224315	5.3	MEDIUM Network	limesurvey	limesurvey	A path disclosure vulnerability was found in Limesurvey before 3.17.14 that allows a remote attacker to discover the path to the application in the filesystem.	NVD-CWE-noinfo	CVE-2019-16176	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224316	4.3	MEDIUM Network	limesurvey	limesurvey	A clickjacking vulnerability was found in Limesurvey before 3.17.14.	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2019-16175	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224317	8.8	HIGH Network	limesurvey	limesurvey	An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to import specially crafted XML files and execute code or compromise data integrity.	CWE-611 XXE	CVE-2019-16174	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224318	6.1	MEDIUM Network	liferay	liferay_portal	Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journal_article/page.jsp in journal/journal-taglib.	CWE-79 Cross-site Scripting	CVE-2019-16147	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224319	6.1	MEDIUM Network	padrinorb	padrino-contrib	The breadcrumbs contributed module through 0.2.0 for Padrino Framework allows XSS via a caption.	CWE-79 Cross-site Scripting	CVE-2019-16145	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

224320	9.8	CRITICAL Network	dlink	dir-868l_firmware dir-885l_firmware dir-895l_firmware	SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L REVA through 1.20, and DIR-895L REVA through 1.21 devices allows Authentication Bypass, as demonstrated by a direct request to fold…	CWE-287 Improper Authentication	CVE-2019-16190	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm