Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227781 7.5 危険 torrenttrader - TorrentTrader Classic Edition の backend/admin-functions.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5311 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227782 7.5 危険 yannick tanguy - ELSEIF CMS における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5307 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227783 5 警告 yannick tanguy - ELSEIF CMS における重要な情報を取得される脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5306 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227784 7.5 危険 yannick tanguy - ELSEIF CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5305 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227785 4.3 警告 yannick tanguy - ELSEIF CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5304 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227786 4.3 警告 snewscms - SnewsCMS Rus の news_page.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5303 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227787 4.3 警告 splitside - Directory Image Gallery の photos.cfm におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5292 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
227788 4.3 警告 zomplog - Zomplog におけるファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5278 2012-12-20 18:33 2007-10-8 Show GitHub Exploit DB Packet Storm
227789 6.8 警告 trionic - Trionic Cite CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5271 2012-12-20 18:33 2007-10-8 Show GitHub Exploit DB Packet Storm
227790 7.5 危険 phpfreelog - phpFreeLog の log.php における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5258 2012-12-20 18:33 2007-10-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
213391 5.4 MEDIUM
Network 		rental_bike_script_project rental_bike_script PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section. CWE-79
Cross-site Scripting 		CVE-2019-7432 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213392 6.5 MEDIUM
Network 		image_sharing_script_project image_sharing_script PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal via a direct request for a listing of an uploads directory. CWE-200
Information Exposure 		CVE-2019-7431 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213393 5.3 MEDIUM
Network 		image_sharing_script_project image_sharing_script PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar. CWE-79
Cross-site Scripting 		CVE-2019-7430 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213394 6.5 MEDIUM
Network 		property_rental_software_project property_rental_software PHP Scripts Mall Property Rental Software 2.1.4 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2016/08 directory. CWE-200
Information Exposure 		CVE-2019-7429 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213395 6.1 MEDIUM
Network 		zohocorp manageengine_netflow_analyzer XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter. CWE-79
Cross-site Scripting 		CVE-2019-7425 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213396 6.1 MEDIUM
Network 		zohocorp manageengine_netflow_analyzer XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTim… CWE-79
Cross-site Scripting 		CVE-2019-7424 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213397 6.1 MEDIUM
Network 		zohocorp manageengine_netflow_analyzer XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter. CWE-79
Cross-site Scripting 		CVE-2019-7423 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213398 6.1 MEDIUM
Network 		zohocorp manageengine_netflow_analyzer XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter. CWE-79
Cross-site Scripting 		CVE-2019-7422 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213399 6.1 MEDIUM
Network 		samsung syncthru_web_service
x7400gx_firmware 		XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL. CWE-79
Cross-site Scripting 		CVE-2019-7421 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm
213400 6.1 MEDIUM
Network 		samsung syncthru_web_service
x7400gx_firmware 		XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter. CWE-79
Cross-site Scripting 		CVE-2019-7420 2024-11-21 13:48 2019-03-22 Show GitHub Exploit DB Packet Storm