Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228681 7.5 危険 typolight - TYPOlight webCMS における脆弱性 CWE-noinfo
情報不足 		CVE-2007-1632 2012-12-20 18:19 2007-03-23 Show GitHub Exploit DB Packet Storm
228682 9.3 危険 studiewijzer - Studiewijzer における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1628 2012-12-20 18:19 2007-03-23 Show GitHub Exploit DB Packet Storm
228683 9.3 危険 PHPNUKE - PHP-NUKE 用の iFrame モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1626 2012-12-20 18:19 2007-03-23 Show GitHub Exploit DB Packet Storm
228684 4.3 警告 realguestbook - realGuestbook の save_entry.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1625 2012-12-20 18:19 2007-03-23 Show GitHub Exploit DB Packet Storm
228685 7.5 危険 realguestbook - realGuestbook における SQL インジェクションの脆弱性 - CVE-2007-1624 2012-12-20 18:19 2007-03-23 Show GitHub Exploit DB Packet Storm
228686 4.3 警告 realguestbook - realGuestbook におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1623 2012-12-20 18:19 2007-03-23 Show GitHub Exploit DB Packet Storm
228687 4.3 警告 WordPress.org - WordPress の wp-admin/vars.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1622 2012-12-20 18:19 2007-03-22 Show GitHub Exploit DB Packet Storm
228688 7.5 危険 scriptmagix - ScriptMagix Photo Rating の viewcomments.php における SQL インジェクションの脆弱性 - CVE-2007-1619 2012-12-20 18:19 2007-03-22 Show GitHub Exploit DB Packet Storm
228689 7.5 危険 scriptmagix - ScriptMagix FAQ Builder の index.php における SQL インジェクションの脆弱性 - CVE-2007-1618 2012-12-20 18:19 2007-03-22 Show GitHub Exploit DB Packet Storm
228690 7.5 危険 scriptmagix - ScriptMagix Recipes の index.php における SQL インジェクションの脆弱性 - CVE-2007-1617 2012-12-20 18:19 2007-03-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312451 9.8 CRITICAL
Network 		arajajyothibabu school_management_system School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php. CWE-89
SQL Injection 		CVE-2024-42574 2024-08-21 22:44 2024-08-20 Show GitHub Exploit DB Packet Storm
312452 9.8 CRITICAL
Network 		arajajyothibabu school_management_system School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at substaff.php. CWE-89
SQL Injection 		CVE-2024-42575 2024-08-21 22:43 2024-08-20 Show GitHub Exploit DB Packet Storm
312453 8.8 HIGH
Network 		siamonhasan warehouse_inventory_system A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. CWE-352
 Origin Validation Error 		CVE-2024-42580 2024-08-21 22:39 2024-08-20 Show GitHub Exploit DB Packet Storm
312454 8.8 HIGH
Network 		siamonhasan warehouse_inventory_system A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. CWE-352
 Origin Validation Error 		CVE-2024-42583 2024-08-21 22:38 2024-08-20 Show GitHub Exploit DB Packet Storm
312455 8.8 HIGH
Network 		siamonhasan warehouse_inventory_system A Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. CWE-352
 Origin Validation Error 		CVE-2024-42582 2024-08-21 22:38 2024-08-20 Show GitHub Exploit DB Packet Storm
312456 8.8 HIGH
Network 		siamonhasan warehouse_inventory_system A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. CWE-352
 Origin Validation Error 		CVE-2024-42581 2024-08-21 22:38 2024-08-20 Show GitHub Exploit DB Packet Storm
312457 8.8 HIGH
Network 		siamonhasan warehouse_inventory_system A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. CWE-352
 Origin Validation Error 		CVE-2024-42584 2024-08-21 22:37 2024-08-20 Show GitHub Exploit DB Packet Storm
312458 5.4 MEDIUM
Network 		friendica friendica Friendica 2024.03 is vulnerable to Cross Site Scripting (XSS) in settings/profile via the homepage, xmpp, and matrix parameters. CWE-79
Cross-site Scripting 		CVE-2024-39094 2024-08-21 22:31 2024-08-20 Show GitHub Exploit DB Packet Storm
312459 7.5 HIGH
Network 		keyfactor command Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure. CWE-89
SQL Injection 		CVE-2024-34458 2024-08-21 22:31 2024-08-20 Show GitHub Exploit DB Packet Storm
312460 7.5 HIGH
Network 		keyfactor aws_orchestrator Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure. NVD-CWE-noinfo
CVE-2024-42006 2024-08-21 22:26 2024-08-20 Show GitHub Exploit DB Packet Storm