Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228221 7.5 危険 Simple Invoices - Simple Invoices 2007 の index.php における SQL インジェクションの脆弱性 - CVE-2007-3430 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228222 7.5 危険 ZoneO-soft - phpTrafficA における脆弱性 - CVE-2007-3428 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228223 7.5 危険 ZoneO-soft - phpTrafficA の index.php における SQL インジェクションの脆弱性 - CVE-2007-3427 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228224 4.3 警告 ZoneO-soft - phpTrafficA の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3426 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228225 5 警告 ZoneO-soft - phpTrafficA の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-3425 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228226 7.5 危険 web-app.org - web-app.org WebAPP の cgi-bin/cgi-lib/instantmessage.pl における脆弱性 - CVE-2007-3424 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228227 7.5 危険 web-app.org - web-app.org WebAPP の cgi-bin/cgi-lib/instantmessage.pl における脆弱性 - CVE-2007-3423 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228228 7.5 危険 web-app.org - web-app.org WebAPP の cgi-bin/cgi-lib/subs.pl における脆弱性 - CVE-2007-3422 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228229 7.5 危険 web-app.org - web-app.org WebAPP のログイン機能などにおける脆弱性 - CVE-2007-3421 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
228230 7.5 危険 web-app.org - web-app.org WebAPP の cgi-bin/cgi-lib/subs.pl における脆弱性 - CVE-2007-3420 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222321 9.8 CRITICAL
Network 		it-novum openitcockpit openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21. CWE-78
OS Command  		CVE-2019-15490 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222322 6.1 MEDIUM
Network 		igniterealtime openfire Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test. CWE-79
Cross-site Scripting 		CVE-2019-15488 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222323 6.1 MEDIUM
Network 		schoolexperience department_for_education_school_experience DfE School Experience before v16333-GA has XSS via a teacher training URL. CWE-79
Cross-site Scripting 		CVE-2019-15487 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222324 6.1 MEDIUM
Network 		django_js_reverse_project django_js_reserve django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_reverse_inline. CWE-79
Cross-site Scripting 		CVE-2019-15486 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222325 6.1 MEDIUM
Network 		boltcms bolt Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php. CWE-79
Cross-site Scripting 		CVE-2019-15485 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222326 6.1 MEDIUM
Network 		boltcms bolt Bolt before 3.6.10 has XSS via an image's alt or title field. CWE-79
Cross-site Scripting 		CVE-2019-15484 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222327 6.1 MEDIUM
Network 		boltcms bolt Bolt before 3.6.10 has XSS via a title that is mishandled in the system log. CWE-79
Cross-site Scripting 		CVE-2019-15483 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222328 6.1 MEDIUM
Network 		selectize-plugin-a11y_project selectize-plugin-a11y selectize-plugin-a11y before 1.1.0 has XSS via the msg field. CWE-79
Cross-site Scripting 		CVE-2019-15482 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222329 6.1 MEDIUM
Network 		kimai kimai_2 Kimai v2 before 1.1 has XSS via a timesheet description. CWE-79
Cross-site Scripting 		CVE-2019-15481 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222330 5.4 MEDIUM
Network 		domoticz domoticz Domoticz 4.10717 has XSS via item.Name. CWE-79
Cross-site Scripting 		CVE-2019-15480 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm