Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227291 6.5 警告 Vtiger - vtiger CRM の index.php における管理の変更を実行される脆弱性 - CVE-2007-3616 2012-12-20 18:33 2006-10-24 Show GitHub Exploit DB Packet Storm
227292 8.5 危険 Zen Cart - Zen Cart におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-3597 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
227293 7.5 危険 vbzoom - VBZooM の reply.php における SQL インジェクションの脆弱性 - CVE-2007-3588 2012-12-20 18:33 2007-07-5 Show GitHub Exploit DB Packet Storm
227294 7.5 危険 postnuke software foundation - PNphpBB2 の viewforum.php における SQL インジェクションの脆弱性 - CVE-2007-3584 2012-12-20 18:33 2007-07-5 Show GitHub Exploit DB Packet Storm
227295 4.3 警告 PHPIDS - PHPIDS における任意の Web スクリプトを挿入される脆弱性 - CVE-2007-3580 2012-12-20 18:33 2007-07-2 Show GitHub Exploit DB Packet Storm
227296 4.3 警告 PHPIDS - PHPIDS における任意の Web スクリプトを挿入される脆弱性 - CVE-2007-3579 2012-12-20 18:33 2007-07-2 Show GitHub Exploit DB Packet Storm
227297 4.3 警告 PHPIDS - PHPIDS における任意の Web スクリプトを挿入される脆弱性 - CVE-2007-3578 2012-12-20 18:33 2007-07-2 Show GitHub Exploit DB Packet Storm
227298 4.3 警告 PHPIDS - PHP iCalendar の print.php における任意の Web スクリプトを挿入される脆弱性 - CVE-2007-3577 2012-12-20 18:19 2007-07-2 Show GitHub Exploit DB Packet Storm
227299 9.3 危険 yoggie - Yoggie Pico and Pico Pro 上の Web インターフェースにおける任意のコマンドを実行される脆弱性 - CVE-2007-3572 2012-12-20 18:19 2007-07-5 Show GitHub Exploit DB Packet Storm
227300 4.3 警告 softlink europe - Oliver Library Management System におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3569 2012-12-20 18:19 2007-07-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212591 9.8 CRITICAL
Network 		zoneminder zoneminder daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters. CWE-78
OS Command  		CVE-2019-8427 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212592 6.1 MEDIUM
Network 		zoneminder zoneminder skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter. CWE-79
Cross-site Scripting 		CVE-2019-8426 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212593 6.1 MEDIUM
Network 		zoneminder zoneminder includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages. CWE-79
Cross-site Scripting 		CVE-2019-8425 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212594 9.8 CRITICAL
Network 		zoneminder zoneminder ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter. CWE-89
SQL Injection 		CVE-2019-8424 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212595 9.8 CRITICAL
Network 		zoneminder zoneminder ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter. CWE-89
SQL Injection 		CVE-2019-8423 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212596 7.2 HIGH
Network 		pbootcms pbootcms A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php. CWE-89
SQL Injection 		CVE-2019-8422 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212597 7.2 HIGH
Network 		bagesoft bagecms upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter. CWE-89
SQL Injection 		CVE-2019-8421 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212598 6.1 MEDIUM
Network 		vnote_project vnote VNote 2.2 has XSS via a new text note. CWE-79
Cross-site Scripting 		CVE-2019-8419 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212599 8.8 HIGH
Network 		seacms seacms SeaCMS 7.2 mishandles member.php?mod=repsw4 requests. NVD-CWE-noinfo
CVE-2019-8418 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm
212600 5.5 MEDIUM
Local 		mi mi_mix_2_firmware On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka d… CWE-476
 NULL Pointer Dereference 		CVE-2019-8413 2024-11-21 13:49 2019-02-18 Show GitHub Exploit DB Packet Storm