Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229411	7.5	危険	website designs for less	-	Website Designs for Less Inventory Manager の inventory/display/imager.asp における SQL インジェクションの脆弱性	-	CVE-2006-5943	2012-12-20 18:02	2006-11-16	Show	GitHub Exploit DB Packet Storm

229412	6.8	警告	website designs for less	-	Website Designs For Less Inventory Manager の inventory/display/display_results.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5942	2012-12-20 18:02	2006-11-16	Show	GitHub Exploit DB Packet Storm

229413	7.5	危険	sitexpress	-	SiteXpress E-Commerce System の dept.asp における SQL インジェクションの脆弱性	-	CVE-2006-5936	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

229414	7.5	危険	shopsystems	-	ShopSystems の index.php における SQL インジェクションの脆弱性	-	CVE-2006-5935	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

229415	7.5	危険	ultrasite	-	UltraSite の update.asp における SQL インジェクションの脆弱性	-	CVE-2006-5933	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

229416	7.5	危険	phpjobscheduler	-	Phpjobscheduler の firepjs.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5929	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

229417	7.5	危険	phpjobscheduler	-	Phpjobscheduler における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5928	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

229418	7.5	危険	vallheru	-	Vallheru の mail.php における SQL インジェクションの脆弱性	-	CVE-2006-5926	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

229419	5	警告	wheatblog	-	wB の index.php における重要な情報を取得される脆弱性	-	CVE-2006-5922	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

229420	5.8	警告	wheatblog	-	wB の add_comment.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5921	2012-12-20 18:02	2006-11-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213321	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute…	NVD-CWE-noinfo	CVE-2019-7895	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213322	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to access ship…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-7892	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213323	7.3	HIGH Network	magento	magento	An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2019-7890	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213324	6.5	MEDIUM Network	magento	magento	An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.…	CWE-74 Injection	CVE-2019-7889	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213325	6.5	MEDIUM Network	magento	magento	An information disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to create email templates …	NVD-CWE-noinfo	CVE-2019-7888	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213326	4.8	MEDIUM Network	magento	magento	A reflected cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prio…	CWE-79 Cross-site Scripting	CVE-2019-7887	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213327	7.5	HIGH Network	magento	magento	A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multip…	CWE-330 Use of Insufficiently Random Values	CVE-2019-7886	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213328	8.8	HIGH Network	magento	magento	Insufficient input validation in the config builder of the Elastic search module could lead to remote code execution in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2…	CWE-20 Improper Input Validation	CVE-2019-7885	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213329	5.4	MEDIUM Network	magento	magento	A stored cross-site scripting vulnerability exists in the WYSIWYG editor of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prio…	CWE-79 Cross-site Scripting	CVE-2019-7882	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm

213330	5.4	MEDIUM Network	magento	magento	A cross-site scripting mitigation bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user to escalate pr…	CWE-79 Cross-site Scripting	CVE-2019-7881	2024-11-21 13:48	2019-08-3	Show	GitHub Exploit DB Packet Storm