Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228231	6.8	警告	tecnick.com	-	TCExam の shared/config/tce_config.php におけるクロスサイトスクリプティング攻撃 (XSS) を実行される脆弱性	-	CVE-2007-2431	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

228232	7.8	危険	tecnick.com	-	TCExam の shared/code/tce_tmx.php における cache/ 配下の任意の PHP ファイルを作成される脆弱性	-	CVE-2007-2430	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

228233	7.5	危険	pnflashgames	-	PostNuke 用の pnFlashGames モジュールの index.php における SQL インジェクションの脆弱性	-	CVE-2007-2427	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

228234	7.5	危険	wildbits	-	WordPress 用の myGallery プラグインにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2426	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

228235	7.5	危険	the merchant project	-	themerchant の help/index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2424	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

228236	10	危険	RSAセキュリティ Progress Software Corporation	-	複数の RSA 製品で使用される Progress Software Progress および OpenEdge におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-2417	2012-12-20 18:19	2007-07-15	Show	GitHub Exploit DB Packet Storm

228237	5	警告	pi3web	-	Pi3Web Web Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-2415	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

228238	4	警告	Samba Project	-	Apple Mac OS X 上で稼動している Samba サーバにおける割り当てを超えるディスクスペースを使用される脆弱性	-	CVE-2007-2407	2012-12-20 18:19	2007-07-31	Show	GitHub Exploit DB Packet Storm

228239	5	警告	Yahoo!	-	Yahoo! UI フレームワークにおけるデータを取得される脆弱性	-	CVE-2007-2385	2012-12-20 18:19	2007-04-30	Show	GitHub Exploit DB Packet Storm

228240	7.8	危険	script.aculo.us	-	Script.aculo.us フレームワークにおけるデータを取得される脆弱性	-	CVE-2007-2384	2012-12-20 18:19	2007-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313301	-	apache	http_server	Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a \| pipe character) provided as arguments to batch (.bat)…	CWE-78 OS Command	CVE-2002-0061	2024-01-27 05:01	2002-03-21	Show	GitHub Exploit DB Packet Storm

313302	-	hypermail_development	hypermail	Hypermail allows remote attackers to execute arbitrary commands on a server supporting SSI via an attachment with a .shtml extension, which is archived on the server and can then be executed by reque…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2001-0901	2024-01-27 05:01	2001-11-19	Show	GitHub Exploit DB Packet Storm

313303	-	apache ncsa	http_server ncsa_httpd	phf CGI program allows remote command execution through shell metacharacters.	CWE-78 OS Command	CVE-1999-0067	2024-01-27 05:00	1996-03-20	Show	GitHub Exploit DB Packet Storm

313304	-	e107	e107	ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to imag…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2004-2262	2024-01-27 04:10	2004-12-31	Show	GitHub Exploit DB Packet Storm

313305	-	yvesglodt	i-man	I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2005-1868	2024-01-27 04:07	2005-06-9	Show	GitHub Exploit DB Packet Storm

313306	-	yapig	yapig	upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP co…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2005-1881	2024-01-27 04:07	2005-06-6	Show	GitHub Exploit DB Packet Storm

313307	-	deluxebb	deluxebb	DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupl…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2006-4558	2024-01-27 04:02	2006-09-6	Show	GitHub Exploit DB Packet Storm

313308	-	duware_dubanner_project	duware_dubanner	add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions, such as ASP files, probably due to client-side enforcement that can be b…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2006-2428	2024-01-27 04:01	2006-05-17	Show	GitHub Exploit DB Packet Storm

313309	-	rockliffe	mailsite_express	Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the ca…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2005-3288	2024-01-27 04:01	2005-10-23	Show	GitHub Exploit DB Packet Storm

313310	-	linux canonical debian mandriva	linux_kernel ubuntu_linux debian_linux linux	The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2005-3181	2024-01-27 03:56	2005-10-12	Show	GitHub Exploit DB Packet Storm