Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228781 7.5 危険 woltlab - wBB の thread.php における SQL インジェクションの脆弱性 - CVE-2006-5029 2012-12-20 18:02 2006-09-27 Show GitHub Exploit DB Packet Storm
228782 5 警告 swsoft - Swsoft Pleask Reload および Pleask の filemanager/filemanager.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5028 2012-12-20 18:02 2006-09-27 Show GitHub Exploit DB Packet Storm
228783 7.5 危険 pnews systems - Joshua Wilson pNews System の includes/global.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5022 2012-12-20 18:02 2006-09-27 Show GitHub Exploit DB Packet Storm
228784 7.5 危険 redblog - redgun RedBLoG における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5021 2012-12-20 18:02 2006-09-27 Show GitHub Exploit DB Packet Storm
228785 7.5 危険 solidstate - SolidState における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5020 2012-12-20 18:02 2006-09-27 Show GitHub Exploit DB Packet Storm
228786 7.5 危険 voice of web - Voodoo chat における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4993 2012-12-20 18:02 2006-09-25 Show GitHub Exploit DB Packet Storm
228787 3.6 注意 RSAセキュリティ - RSA KeonCA Manager における悪意のある認証局動作を隠される脆弱性 - CVE-2006-4991 2012-12-20 18:02 2006-09-25 Show GitHub Exploit DB Packet Storm
228788 4.6 警告 シマンテック - Symantec Sygate NAC におけるコントロールメソッドを回避される脆弱性 - CVE-2006-4981 2012-12-20 18:02 2006-09-25 Show GitHub Exploit DB Packet Storm
228789 5 警告 walter beschmout - Walter Beschmout PhpQuiz の cfgphpquiz/install.php における config.inc.php の任意の PHP コードを挿入される脆弱性 - CVE-2006-4979 2012-12-20 18:02 2006-09-24 Show GitHub Exploit DB Packet Storm
228790 7.5 危険 walter beschmout - Walter Beschmout PhpQuiz における SQL インジェクションの脆弱性 - CVE-2006-4978 2012-12-20 18:02 2006-09-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212951 6.1 MEDIUM
Network 		joomla joomla\! An issue was discovered in Joomla! before 3.9.3. A combination of specific web server configurations, in connection with specific file types and browser-side MIME-type sniffing, causes an XSS attack … CWE-79
Cross-site Scripting 		CVE-2019-7742 2024-11-21 13:48 2019-02-13 Show GitHub Exploit DB Packet Storm
212952 6.1 MEDIUM
Network 		joomla joomla\! An issue was discovered in Joomla! before 3.9.3. Inadequate checks at the Global Configuration helpurl settings allowed stored XSS. CWE-79
Cross-site Scripting 		CVE-2019-7741 2024-11-21 13:48 2019-02-13 Show GitHub Exploit DB Packet Storm
212953 6.1 MEDIUM
Network 		joomla joomla\! An issue was discovered in Joomla! before 3.9.3. Inadequate parameter handling in JavaScript code (core.js writeDynaList) could lead to an XSS attack vector. CWE-79
Cross-site Scripting 		CVE-2019-7740 2024-11-21 13:48 2019-02-13 Show GitHub Exploit DB Packet Storm
212954 6.1 MEDIUM
Network 		joomla joomla\! An issue was discovered in Joomla! before 3.9.3. The "No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the… NVD-CWE-noinfo
CVE-2019-7739 2024-11-21 13:48 2019-02-13 Show GitHub Exploit DB Packet Storm
212955 6.1 MEDIUM
Network 		verydows verydows Verydows 2.0 has XSS via the index.php?m=api&c=stats&a=count referrer parameter. CWE-79
Cross-site Scripting 		CVE-2019-7753 2024-11-21 13:48 2019-02-12 Show GitHub Exploit DB Packet Storm
212956 6.1 MEDIUM
Network 		dbninja dbninja _includes\online.php in DbNinja 3.2.7 allows XSS via the data.php task parameter if _users/admin/tasks.php exists. CWE-79
Cross-site Scripting 		CVE-2019-7748 2024-11-21 13:48 2019-02-12 Show GitHub Exploit DB Packet Storm
212957 9.6 CRITICAL
Network 		dbninja dbninja DbNinja 3.2.7 allows session fixation via the data.php sessid parameter. CWE-384
 Session Fixation 		CVE-2019-7747 2024-11-21 13:48 2019-02-12 Show GitHub Exploit DB Packet Storm
212958 6.5 MEDIUM
Network 		c.p.sub_project c.p.sub C.P.Sub before 5.3 allows CSRF via a manage.php?p=article_del&id= URI. CWE-352
 Origin Validation Error 		CVE-2019-7738 2024-11-21 13:48 2019-02-12 Show GitHub Exploit DB Packet Storm
212959 8.8 HIGH
Network 		verydows verydows A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit. CWE-352
 Origin Validation Error 		CVE-2019-7737 2024-11-21 13:48 2019-02-12 Show GitHub Exploit DB Packet Storm
212960 9.8 CRITICAL
Network 		dlink dir-600m_firmware D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm page. NOTE: this may overlap CVE-2019-13101. CWE-425
 Direct Request ('Forced Browsing') 		CVE-2019-7736 2024-11-21 13:48 2019-02-12 Show GitHub Exploit DB Packet Storm