Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228021	4.3	警告	sjoerd arendsen	-	Drupal 用モジュールの Simplenews Statistics におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3783	2012-12-20 19:28	2009-10-26	Show	GitHub Exploit DB Packet Storm

228022	7.5	危険	quicksketch	-	Drupal 用の FileField モジュールにおける許可されていないファイルにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3781	2012-12-20 19:28	2009-10-21	Show	GitHub Exploit DB Packet Storm

228023	4.3	警告	stefan auditor	-	Drupal 用の vCard モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3779	2012-12-20 19:28	2009-10-21	Show	GitHub Exploit DB Packet Storm

228024	7.5	危険	santostefano giovanni	-	ToyLog の read.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3750	2012-12-20 19:28	2009-10-22	Show	GitHub Exploit DB Packet Storm

228025	5	警告	ウェブセンス	-	Websense Personal Email Manager および Email Security の Web Administrator サービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-3749	2012-12-20 19:28	2009-10-22	Show	GitHub Exploit DB Packet Storm

228026	4.3	警告	ウェブセンス	-	Websense Personal Email Manager および Email Security の Web Administrator におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3748	2012-12-20 19:28	2009-10-22	Show	GitHub Exploit DB Packet Storm

228027	4.3	警告	tbmnet	-	TBmnetCMS の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3747	2012-12-20 19:28	2009-10-22	Show	GitHub Exploit DB Packet Storm

228028	10	危険	riorey	-	RioRey RIOS における権限を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-3710	2012-12-20 19:28	2009-10-16	Show	GitHub Exploit DB Packet Storm

228029	5	警告	zoiper	-	ZoIPer におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-3704	2012-12-20 19:28	2009-10-16	Show	GitHub Exploit DB Packet Storm

228030	7.5	危険	php-calendar project	-	PHP-Calendar における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-3702	2012-12-20 19:28	2009-12-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
317711	-	ultimate_php_board	ultimate_php_board	Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically weak block cipher with a large key collision space, which allows remote attackers to determine a suitable decryption key given the …	NVD-CWE-Other	CVE-2006-3204	2024-02-14 10:17	2006-06-24	Show	GitHub Exploit DB Packet Storm

317712	-	ultimate_php_board	ultimate_php_board	Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that…	NVD-CWE-Other	CVE-2006-3205	2024-02-14 10:17	2006-06-24	Show	GitHub Exploit DB Packet Storm

317713	-	ultimate_php_board	ultimate_php_board	Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote authenticated administrators to execute arbitrary PHP code via multiple unspecified "configurati…	NVD-CWE-Other	CVE-2006-3208	2024-02-14 10:17	2006-06-24	Show	GitHub Exploit DB Packet Storm

317714	-	viart	shop	Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary we…	NVD-CWE-Other	CVE-2006-2979	2024-02-14 10:17	2006-06-13	Show	GitHub Exploit DB Packet Storm

317715	-	viart_ltd	viart_shop_free	SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute …	NVD-CWE-Other	CVE-2006-2980	2024-02-14 10:17	2006-06-13	Show	GitHub Exploit DB Packet Storm

317716	-	linksys	wrt54g wrt54g_v5	Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which…	NVD-CWE-Other	CVE-2006-2559	2024-02-14 10:17	2006-05-24	Show	GitHub Exploit DB Packet Storm

317717	-	sitecom	wl-153_router_firmware wl-153	Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2006-2560	2024-02-14 10:17	2006-05-24	Show	GitHub Exploit DB Packet Storm

317718	-	edimax	br_6104k	Edimax BR-6104K router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter (possibly within NewIntern…	NVD-CWE-Other	CVE-2006-2561	2024-02-14 10:17	2006-05-24	Show	GitHub Exploit DB Packet Storm

317719	-	zyxel	p-335wt_router	ZyXEL P-335WT router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2006-2562	2024-02-14 10:17	2006-05-24	Show	GitHub Exploit DB Packet Storm

317720	-	lighthouse_development	squirrelcart	PHP remote file inclusion vulnerability in cart_content.php in Squirrelcart 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cart_isp_root parameter.	NVD-CWE-Other	CVE-2006-2483	2024-02-14 10:17	2006-05-20	Show	GitHub Exploit DB Packet Storm