Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229541	7.5	危険	web3king	-	Web3news の security/include/_class.security.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4452	2012-12-20 18:02	2006-08-30	Show	GitHub Exploit DB Packet Storm

229542	5.1	警告	phpBB	-	PHPBB の usercp_avatar.php における Web のプロキシとしてサーバが使用される脆弱性	-	CVE-2006-4450	2012-12-20 18:02	2006-08-29	Show	GitHub Exploit DB Packet Storm

229543	7.2	危険	X.Org Foundation	-	libX11 などを含む X.Org および XFree86 における権限を取得される脆弱性	-	CVE-2006-4447	2012-12-20 18:02	2006-08-29	Show	GitHub Exploit DB Packet Storm

229544	7.5	危険	venture nine	-	Tagger LE における任意の PHP コードを実行される脆弱性	-	CVE-2006-4437	2012-12-20 18:02	2006-09-14	Show	GitHub Exploit DB Packet Storm

229545	7.5	危険	Zend Technologies Ltd.	-	Zend Platform におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4432	2012-12-20 18:02	2006-08-28	Show	GitHub Exploit DB Packet Storm

229546	7.5	危険	Zend Technologies Ltd.	-	Zend Platform の Session Clustering Daemon および mod_cluster モジュールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2006-4431	2012-12-20 18:02	2006-08-28	Show	GitHub Exploit DB Packet Storm

229547	4.3	警告	yapig	-	YaPIG の template/default/thanks_comment.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4421	2012-12-20 18:02	2006-08-28	Show	GitHub Exploit DB Packet Storm

229548	7.5	危険	promanager	-	ProManager の note.php における SQL インジェクションの脆弱性	-	CVE-2006-4419	2012-12-20 18:02	2006-08-28	Show	GitHub Exploit DB Packet Storm

229549	4	警告	wikepage	-	Wikepage Opus の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4418	2012-12-20 18:02	2006-08-28	Show	GitHub Exploit DB Packet Storm

229550	7.5	危険	XOOPS	-	Xoops の edituser.php における SQL インジェクションの脆弱性	-	CVE-2006-4417	2012-12-20 18:02	2006-08-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212401	4.8	MEDIUM Network	magento	magento	In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code via import / export functionality when cre…	CWE-79 Cross-site Scripting	CVE-2019-8227	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212402	8.8	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with system data manipulation privileges can execute aribitr…	CWE-78 OS Command	CVE-2019-8159	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212403	7.5	HIGH Network	magento	magento	Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a user's CSRF token in the URL of a GET request. This could be exploited by an attacker with access to network traffic to perform unauthorized …	CWE-352 Origin Validation Error	CVE-2019-8155	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212404	8.8	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to modify product catalogs can trigger PHP f…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2019-8154	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212405	6.1	MEDIUM Network	magento	magento	A mitigation bypass to prevent cross-site scripting (XSS) exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Successful exploitation of this vulnerability would result in …	CWE-79 Cross-site Scripting	CVE-2019-8153	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212406	5.4	MEDIUM Network	magento	magento	A stored cross-site scripting (XSS) vulnerability exists in in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with…	CWE-79 Cross-site Scripting	CVE-2019-8152	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212407	7.2	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shippment settings can e…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-8151	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212408	8.8	HIGH Network	magento	magento	A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate layouts and images can insert …	NVD-CWE-noinfo	CVE-2019-8150	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212409	9.8	CRITICAL Network	magento	magento	Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can append arbitrary session id tha…	CWE-613 Insufficient Session Expiration	CVE-2019-8149	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm

212410	4.8	MEDIUM Network	magento	magento	A stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when creating a content page via p…	CWE-79 Cross-site Scripting	CVE-2019-8148	2024-11-21 13:49	2019-11-6	Show	GitHub Exploit DB Packet Storm