Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228371 9.3 危険 phpPgAdmin - phpPgAdmin の sqledit.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2865 2012-12-20 18:19 2007-05-25 Show GitHub Exploit DB Packet Storm
228372 7.5 危険 saxon - SAXON における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2861 2012-12-20 18:19 2007-05-24 Show GitHub Exploit DB Packet Storm
228373 7.5 危険 simpgb - SimpGB における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2859 2012-12-20 18:19 2007-05-24 Show GitHub Exploit DB Packet Storm
228374 6.5 警告 phpBB - phpBB 用の IP-Tracking Mod における SQL インジェクションの脆弱性 - CVE-2007-2858 2012-12-20 18:19 2007-05-24 Show GitHub Exploit DB Packet Storm
228375 7.5 危険 zakkis technology corporation - ABC Excel Parser の sample/xls2mysql における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2857 2012-12-20 18:19 2007-05-24 Show GitHub Exploit DB Packet Storm
228376 10 危険 sky software - Sky Software Shell MegaPack ActiveX の shComboBox ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2848 2012-12-20 18:19 2007-05-24 Show GitHub Exploit DB Packet Storm
228377 6.8 警告 unicon-imc2 - unicon-imc2 の ImmModules/cce/ におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2835 2012-12-20 18:19 2007-07-1 Show GitHub Exploit DB Packet Storm
228378 9.3 危険 wavelink media - TutorialCMS における認証を回避される脆弱性 - CVE-2007-2822 2012-12-20 18:19 2007-05-22 Show GitHub Exploit DB Packet Storm
228379 7.5 危険 WordPress.org - WordPress の wp-admin/admin-ajax.php における SQL インジェクションの脆弱性 - CVE-2007-2821 2012-12-20 18:19 2007-05-22 Show GitHub Exploit DB Packet Storm
228380 4.3 警告 track+ - Track+ の reportItem.do におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2819 2012-12-20 18:19 2007-05-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222321 9.8 CRITICAL
Network 		it-novum openitcockpit openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21. CWE-78
OS Command  		CVE-2019-15490 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222322 6.1 MEDIUM
Network 		igniterealtime openfire Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test. CWE-79
Cross-site Scripting 		CVE-2019-15488 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222323 6.1 MEDIUM
Network 		schoolexperience department_for_education_school_experience DfE School Experience before v16333-GA has XSS via a teacher training URL. CWE-79
Cross-site Scripting 		CVE-2019-15487 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222324 6.1 MEDIUM
Network 		django_js_reverse_project django_js_reserve django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_reverse_inline. CWE-79
Cross-site Scripting 		CVE-2019-15486 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222325 6.1 MEDIUM
Network 		boltcms bolt Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php. CWE-79
Cross-site Scripting 		CVE-2019-15485 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222326 6.1 MEDIUM
Network 		boltcms bolt Bolt before 3.6.10 has XSS via an image's alt or title field. CWE-79
Cross-site Scripting 		CVE-2019-15484 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222327 6.1 MEDIUM
Network 		boltcms bolt Bolt before 3.6.10 has XSS via a title that is mishandled in the system log. CWE-79
Cross-site Scripting 		CVE-2019-15483 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222328 6.1 MEDIUM
Network 		selectize-plugin-a11y_project selectize-plugin-a11y selectize-plugin-a11y before 1.1.0 has XSS via the msg field. CWE-79
Cross-site Scripting 		CVE-2019-15482 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222329 6.1 MEDIUM
Network 		kimai kimai_2 Kimai v2 before 1.1 has XSS via a timesheet description. CWE-79
Cross-site Scripting 		CVE-2019-15481 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm
222330 5.4 MEDIUM
Network 		domoticz domoticz Domoticz 4.10717 has XSS via item.Name. CWE-79
Cross-site Scripting 		CVE-2019-15480 2024-11-21 13:28 2019-08-23 Show GitHub Exploit DB Packet Storm