Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228241	7.5	危険	phpwind	-	PHPWind の admin.php における SQL インジェクションの脆弱性	-	CVE-2006-7101	2012-12-20 18:18	2007-03-3	Show	GitHub Exploit DB Packet Storm

228242	6.8	警告	phpBB	-	phpBB Insert User の includes/functions_mod_user.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-7100	2012-12-20 18:18	2007-03-3	Show	GitHub Exploit DB Packet Storm

228243	5	警告	solarpay	-	SolarPay の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-7099	2012-12-20 18:18	2007-03-3	Show	GitHub Exploit DB Packet Storm

228244	10	危険	taskfreak	-	TaskFreak! における脆弱性	-	CVE-2006-7097	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

228245	6.8	警告	phpbb security	-	phpBB Security の phpbb_security.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-7090	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

228246	7.5	危険	simple php forum	-	Simple PHP Forum における SQL インジェクションの脆弱性	-	CVE-2006-7088	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

228247	4.3	警告	rigter portal system	-	RPS における XSS 攻撃を実行される脆弱性	-	CVE-2006-7085	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

228248	4.3	警告	rigter portal system	-	RPS の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-7083	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

228249	7.5	危険	rigter portal system	-	RPS における認証を回避される脆弱性	-	CVE-2006-7082	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

228250	7.5	危険	phpnews	-	PhpNews における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7081	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1271	7.3	HIGH Network	-	-	A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin-api/system/tenant/get-by-website. The manipulation of the argument Website res…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-5147	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1272	7.3	HIGH Network	-	-	Una vulnerabilidad de seguridad ha sido descubierta en YunaiV yudao-cloud hasta 2026.01. Esto afecta una parte desconocida del archivo /admin-api/system/tenant/get-by-website. La manipulación del arg…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-5147	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1273	5.3	MEDIUM Local	-	-	A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child_process.execSync of the file src/server.ts. The manipulation of the argument gi…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-5125	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1274	5.3	MEDIUM Local	-	-	Una vulnerabilidad fue detectada en raine consult-llm-mcp hasta 2.5.3. Afectada por esta vulnerabilidad es la función child_process.execSync del archivo src/server.ts. La manipulación del argumento g…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-5125	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1275	4.7	MEDIUM Network	-	-	A weakness has been identified in YunaiV yudao-cloud up to 2026.01. This vulnerability affects unknown code of the file /admin-api/system/mail-log/page. This manipulation of the argument toMail cause…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-5148	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1276	4.7	MEDIUM Network	-	-	Se ha identificado una debilidad en YunaiV yudao-cloud hasta 2026.01. Esta vulnerabilidad afecta código desconocido del archivo /admin-api/system/mail-log/page. Esta manipulación del argumento toMail…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-5148	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1277	7.3	HIGH Network	-	-	A security vulnerability has been detected in code-projects Accounting System 1.0. This issue affects some unknown processing of the file /viewin_costumer.php of the component Parameter Handler. Such…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-5150	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1278	7.3	HIGH Network	-	-	Se ha detectado una vulnerabilidad de seguridad en code-projects Accounting System 1.0. Este problema afecta a un procesamiento desconocido del archivo /viewin_costumer.php del componente Gestor de P…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-5150	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1279	9.8	CRITICAL Network	-	-	The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in all versions up to, and including, 1.7.36. This is …	CWE-94 Code Injection	CVE-2026-4257	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm

1280	4.3	MEDIUM Network	-	-	A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected is an unknown function of the file /form/order.php of the component Order Module. Such manipulation of the ar…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-5157	2026-04-25 03:11	2026-03-31	Show	GitHub Exploit DB Packet Storm