Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228431 5 警告 wengo - WengoPhone におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4366 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
228432 6.8 警告 prozilla - Prozilla Webring の category.php における SQL インジェクションの脆弱性 - CVE-2007-4362 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
228433 6.8 警告 skilmatch staffing systems - SkilMatch Staffing Systems JobLister3 における SQL インジェクションの脆弱性 - CVE-2007-4359 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
228434 4.3 警告 zoidcom - Zoidcom におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4358 2012-12-20 18:33 2007-08-15 Show GitHub Exploit DB Packet Storm
228435 7.5 危険 phpcentral - PHPCentral Login の include.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4342 2012-12-20 18:33 2007-08-14 Show GitHub Exploit DB Packet Storm
228436 7.5 危険 phpdvd - phpDVD の index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-4340 2012-12-20 18:33 2007-08-14 Show GitHub Exploit DB Packet Storm
228437 7.5 危険 phpcentral - PHPCentral Poll Script における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4339 2012-12-20 18:33 2007-08-14 Show GitHub Exploit DB Packet Storm
228438 5.8 警告 streamripper - Streamripper の lib/http.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4337 2012-12-20 18:33 2007-08-14 Show GitHub Exploit DB Packet Storm
228439 5 警告 qbik - Qbik WinGate の SMTP サーバコンポーネントにおけるフォーマットストリングの脆弱性 - CVE-2007-4335 2012-12-20 18:33 2007-08-14 Show GitHub Exploit DB Packet Storm
228440 4.3 警告 php-stats - Php-stats の whois.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4334 2012-12-20 18:33 2007-08-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224291 6.1 MEDIUM
Network 		quest kace_systems_management_appliance Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via the sam_detail_titled.php SAM_TYPE parameter) that allows an attacker to create a malicious link in order t… CWE-79
Cross-site Scripting 		CVE-2019-13077 2024-11-21 13:24 2019-11-7 Show GitHub Exploit DB Packet Storm
224292 8.8 HIGH
Network 		quest kace_systems_management_appliance Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected co… CWE-89
SQL Injection 		CVE-2019-13076 2024-11-21 13:24 2019-11-7 Show GitHub Exploit DB Packet Storm
224293 6.1 MEDIUM
Network 		sahipro sahi_pro Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBReports with many different areas that are vulnerable to reflected XSS, by updating a script's Script Name, Suite Name, Base URL, An… CWE-79
Cross-site Scripting 		CVE-2019-13066 2024-11-21 13:24 2019-10-30 Show GitHub Exploit DB Packet Storm
224294 7.5 HIGH
Network 		hinet gpon_firmware A service which is hosted on port 3097 in HiNet GPON firmware < I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: (CVSS:3.0… NVD-CWE-noinfo
CVE-2019-13412 2024-11-21 13:24 2019-10-18 Show GitHub Exploit DB Packet Storm
224295 7.5 HIGH
Network 		topmeeting topmeeting TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page. CWE-200
Information Exposure 		CVE-2019-13410 2024-11-21 13:24 2019-10-18 Show GitHub Exploit DB Packet Storm
224296 9.8 CRITICAL
Network 		topmeeting topmeeting A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databa… CWE-89
SQL Injection 		CVE-2019-13409 2024-11-21 13:24 2019-10-18 Show GitHub Exploit DB Packet Storm
224297 9.8 CRITICAL
Network 		hinet gpon_firmware An “invalid command” handler issue was discovered in HiNet GPON firmware < I040GWR190731. It allows an attacker to execute arbitrary command through port 3097. CVSS 3.0 Base score 10.0. CVSS vector: … NVD-CWE-noinfo
CVE-2019-13411 2024-11-21 13:24 2019-10-18 Show GitHub Exploit DB Packet Storm
224298 9.8 CRITICAL
Network 		mulesoft mule_runtime The MuleSoft Mule Community Edition runtime engine before 3.8 allows remote attackers to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections CWE-502
 Deserialization of Untrusted Data 		CVE-2019-13116 2024-11-21 13:24 2019-10-17 Show GitHub Exploit DB Packet Storm
224299 6.1 MEDIUM
Network 		mindpalette natemail A reflected Cross-Site Scripting (XSS) vulnerability in MindPalette NateMail 3.0.15 allows an attacker to execute remote JavaScript in a victim's browser via a specially crafted POST request. The app… CWE-79
Cross-site Scripting 		CVE-2019-13392 2024-11-21 13:24 2019-10-16 Show GitHub Exploit DB Packet Storm
224300 8.8 HIGH
Network 		pi-hole pi-hole Pi-Hole 4.3 allows Command Injection. CWE-78
OS Command  		CVE-2019-13051 2024-11-21 13:24 2019-10-9 Show GitHub Exploit DB Packet Storm