Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229011 7.5 危険 zonemetrics - ZoneMetrics ZoneX Publishers Gold Edition の includes/usercp_register.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4036 2012-12-20 18:02 2006-08-9 Show GitHub Exploit DB Packet Storm
229012 10 危険 WordPress.org - WordPress における脆弱性 CWE-noinfo
情報不足 		CVE-2006-4028 2012-12-20 18:02 2006-07-29 Show GitHub Exploit DB Packet Storm
229013 7.5 危険 Red Graphic Systems - SAPID CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-4026 2012-12-20 18:02 2006-08-8 Show GitHub Exploit DB Packet Storm
229014 7.5 危険 xennobb - XennoBB の profile.php における SQL インジェクションの脆弱性 - CVE-2006-4025 2012-12-20 18:02 2006-08-8 Show GitHub Exploit DB Packet Storm
229015 2.6 注意 scatterchat - ScatterChat の cryptographic モジュールにおける大量のメッセージのパターンを特定される脆弱性 - CVE-2006-4021 2012-12-20 18:02 2006-08-17 Show GitHub Exploit DB Packet Storm
229016 4.3 警告 toenda software development - toendaCMS stable および unstable の /toendaCMS におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4016 2012-12-20 18:02 2006-08-7 Show GitHub Exploit DB Packet Storm
229017 5 警告 シマンテック - SBAS におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4014 2012-12-20 18:02 2006-07-27 Show GitHub Exploit DB Packet Storm
229018 7.6 危険 シマンテック - SBAS におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2006-4013 2012-12-20 18:02 2006-07-27 Show GitHub Exploit DB Packet Storm
229019 5.1 警告 savewebportal - circeOS SaveWeb Portal における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4012 2012-12-20 18:02 2006-08-7 Show GitHub Exploit DB Packet Storm
229020 7.5 危険 VWar - Vwar の war.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-4010 2012-12-20 18:02 2006-08-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
551 7.3 HIGH
Network 		- - A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of the argument ID can lead to sql… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-7076 2026-04-28 03:39 2026-04-27 Show GitHub Exploit DB Packet Storm
552 7.3 HIGH
Network 		- - A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit_parcel.php. The manipulation of the argument ID leads to sq… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-7077 2026-04-28 03:39 2026-04-27 Show GitHub Exploit DB Packet Storm
553 8.8 HIGH
Network 		- - The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is due to insufficient authorization checks in the hsc… New CWE-269
 Improper Privilege Management 		CVE-2026-7106 2026-04-28 03:38 2026-04-27 Show GitHub Exploit DB Packet Storm
554 4.7 MEDIUM
Network 		- - A vulnerability has been found in likeadmin-likeshop likeadmin_php up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of th… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-7083 2026-04-28 03:38 2026-04-27 Show GitHub Exploit DB Packet Storm
555 7.3 HIGH
Network 		- - A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of th… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-7087 2026-04-28 03:38 2026-04-27 Show GitHub Exploit DB Packet Storm
556 7.3 HIGH
Network 		- - A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipula… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-7088 2026-04-28 03:38 2026-04-27 Show GitHub Exploit DB Packet Storm
557 4.3 MEDIUM
Network 		- - A security vulnerability has been detected in code-projects Home Service System 1.0. The impacted element is an unknown function of the file /booking.php of the component Appointment Booking. The man… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-7089 2026-04-28 03:38 2026-04-27 Show GitHub Exploit DB Packet Storm
558 2.4 LOW
Network 		- - A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_message.php of the component Chat Interface. The manipulation of the argument m… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-7090 2026-04-28 03:38 2026-04-27 Show GitHub Exploit DB Packet Storm
559 6.3 MEDIUM
Network 		- - A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper au… New CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-7091 2026-04-28 03:38 2026-04-27 Show GitHub Exploit DB Packet Storm
560 6.3 MEDIUM
Network 		- - A vulnerability has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /profile/ of the component Profile Handler. Such manipulation of the argumen… New CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-7092 2026-04-28 03:38 2026-04-27 Show GitHub Exploit DB Packet Storm