Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":April 28, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228911 | 4.3 | 警告 | ztml | - | ezPortal/ztml CMS の index.php におけるクロスサイトスクリプティングの脆弱性 | - | CVE-2006-4500 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
| 228912 | 7.5 | 危険 | phpalbum.net | - | PortailPHP 用の PhpAlbum における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-4498 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
| 228913 | 2.1 | 注意 | xbiff2 | - | xbiff2 におけるログイン資格情報などを重要な情報を取得される脆弱性 | - | CVE-2006-4493 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
| 228914 | 7.5 | 危険 | ultrize | - | MiniBill における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-4489 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
| 228915 | 4.3 | 警告 | visualshapers | - | Visual Shapers ezContents の loginreq2.php におけるクロスサイトスクリプティングの脆弱性 | - | CVE-2006-4479 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
| 228916 | 7.5 | 危険 | visualshapers | - | Visual Shapers ezContents の headeruserdata.php における SQL インジェクションの脆弱性 | - | CVE-2006-4478 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
| 228917 | 7.5 | 危険 | visualshapers | - | Visual Shapers ezContents における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-4477 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
| 228918 | 7.5 | 危険 | Simple Machines | - | SMF における任意のローカルファイルを読むディレクトリトラバーサル攻撃を実行される脆弱性 | - | CVE-2006-4467 | 2012-12-20 18:02 | 2006-08-19 | Show | GitHub Exploit DB Packet Storm |
| 228919 | 6.4 | 警告 | phpgroupware | - | phpGroupWare の calendar/inc/class.holidaycalc.inc.php におけるディレクトリトラバーサルの脆弱性 | - | CVE-2006-4458 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
| 228920 | 7.5 | 危険 | phpecard | - | phpECard の index.php における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-4457 | 2012-12-20 18:02 | 2006-08-31 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:April 29, 2026, 4:51 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 212811 | 8.8 |
HIGH
Network |
thinkcmf | thinkcmf | ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/co… |
CWE-94
Code Injection |
CVE-2019-7580 | 2024-11-21 13:48 | 2019-02-8 | Show | GitHub Exploit DB Packet Storm |
| 212812 | 5.3 |
MEDIUM
Network |
gurock | testrail | index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as demonstrated by full path disclosure and the identification of PHP as the backend technolo… |
CWE-200
Information Exposure |
CVE-2019-7535 | 2024-11-21 13:48 | 2019-02-8 | Show | GitHub Exploit DB Packet Storm |
| 212813 | 8.1 |
HIGH
Network |
libsdl opensuse debian fedoraproject canonical |
simple_directmedia_layer leap debian_linux fedora ubuntu_linux |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c. |
CWE-125
Out-of-bounds Read |
CVE-2019-7578 | 2024-11-21 13:48 | 2019-02-7 | Show | GitHub Exploit DB Packet Storm |
| 212814 | 8.8 |
HIGH
Network |
libsdl opensuse debian fedoraproject canonical |
simple_directmedia_layer leap debian_linux fedora ubuntu_linux |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c. |
CWE-125
Out-of-bounds Read |
CVE-2019-7577 | 2024-11-21 13:48 | 2019-02-7 | Show | GitHub Exploit DB Packet Storm |
| 212815 | 8.8 |
HIGH
Network |
libsdl debian opensuse fedoraproject canonical |
simple_directmedia_layer debian_linux leap fedora ubuntu_linux |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop). |
CWE-125
Out-of-bounds Read |
CVE-2019-7576 | 2024-11-21 13:48 | 2019-02-7 | Show | GitHub Exploit DB Packet Storm |
| 212816 | 8.8 |
HIGH
Network |
libsdl debian opensuse fedoraproject canonical |
simple_directmedia_layer debian_linux leap fedora ubuntu_linux |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c. |
CWE-787
Out-of-bounds Write |
CVE-2019-7575 | 2024-11-21 13:48 | 2019-02-7 | Show | GitHub Exploit DB Packet Storm |
| 212817 | 8.8 |
HIGH
Network |
libsdl debian opensuse fedoraproject canonical |
simple_directmedia_layer debian_linux leap fedora ubuntu_linux |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c. |
CWE-125
Out-of-bounds Read |
CVE-2019-7574 | 2024-11-21 13:48 | 2019-02-7 | Show | GitHub Exploit DB Packet Storm |
| 212818 | 8.8 |
HIGH
Network |
libsdl debian opensuse fedoraproject canonical |
simple_directmedia_layer debian_linux leap fedora ubuntu_linux |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop). |
CWE-125
Out-of-bounds Read |
CVE-2019-7573 | 2024-11-21 13:48 | 2019-02-7 | Show | GitHub Exploit DB Packet Storm |
| 212819 | 8.8 |
HIGH
Network |
libsdl debian opensuse canonical fedoraproject |
simple_directmedia_layer debian_linux leap ubuntu_linux fedora |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. |
CWE-125
Out-of-bounds Read |
CVE-2019-7572 | 2024-11-21 13:48 | 2019-02-7 | Show | GitHub Exploit DB Packet Storm |
| 212820 | 6.5 |
MEDIUM
Network |
pbootcms | pbootcms | A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI. |
CWE-352
Origin Validation Error |
CVE-2019-7570 | 2024-11-21 13:48 | 2019-02-7 | Show | GitHub Exploit DB Packet Storm |