Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 3, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229261	7.5	危険	scriptphp	-	Messageriescripthp の lire-avis.php における SQL インジェクションの脆弱性	-	CVE-2006-6521	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

229262	6.8	警告	scriptphp	-	Messageriescripthp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6520	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

229263	7.5	危険	scriptphp	-	ProNews の lire-avis.php における SQL インジェクションの脆弱性	-	CVE-2006-6519	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

229264	6.8	警告	scriptphp	-	ProNews におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6518	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

229265	1.7	注意	sitekiosk	-	SiteKiosk の不特定の ActiveX コントロールにおける任意のファイルを読まれる脆弱性	-	CVE-2006-6510	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

229266	4.1	警告	sitekiosk	-	SiteKiosk のスキニング機能におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6509	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

229267	6	警告	phpBB	-	phpBB におけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2006-6508	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

229268	6.8	警告	shopsite	-	ShopSite におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6485	2012-12-20 18:02	2006-12-12	Show	GitHub Exploit DB Packet Storm

229269	5	警告	scriptphp	-	AnnonceScriptHP の admin/admin_membre/fiche_membre.php における重要な情報を取得される脆弱性	-	CVE-2006-6480	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

229270	6.8	警告	scriptphp	-	AnnonceScriptHP におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6479	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213271	7.2	HIGH Network	magento	magento	A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to edit…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2019-7912	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213272	7.2	HIGH Network	magento	magento	A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Mag…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-7911	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213273	4.8	MEDIUM Network	magento	magento	A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior t…	CWE-79 Cross-site Scripting	CVE-2019-7909	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213274	4.8	MEDIUM Network	magento	magento	A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticat…	CWE-79 Cross-site Scripting	CVE-2019-7908	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213275	6.5	MEDIUM Network	magento	magento	Insufficient enforcement of user access controls in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could enable a low-privileged user to make unauthorized environ…	NVD-CWE-noinfo	CVE-2019-7904	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213276	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to email templates can…	NVD-CWE-noinfo	CVE-2019-7903	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213277	5.3	MEDIUM Network	magento	magento	Names of disabled downloadable products could be disclosed due to inadequate validation of user input in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prio…	CWE-20 Improper Input Validation	CVE-2019-7899	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213278	5.3	MEDIUM Network	magento	magento	Samples of disabled downloadable products are accessible in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Mage…	CWE-20 Improper Input Validation	CVE-2019-7898	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213279	4.8	MEDIUM Network	magento	magento	A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior t…	CWE-79 Cross-site Scripting	CVE-2019-7897	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213280	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can…	NVD-CWE-noinfo	CVE-2019-7896	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm