Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230271 7.5 危険 phpmygallery - PHPmyGallery の _conf/_php-core/common-tpl-vars.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6318 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
230272 6.8 警告 phpmygallery - PHPmyGallery の _conf/_php-core/common-tpl-vars.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6317 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
230273 6.8 警告 phpmygallery - PHPmyGallery の _conf/core/common-tpl-vars.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6316 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
230274 7.5 危険 phpmygallery - PHPmyGallery の _conf/core/common-tpl-vars.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6315 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
230275 7.5 危険 phpBB - phpBB 用の Tag Board モジュールの tag_board.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6314 2012-12-20 19:10 2009-02-27 Show GitHub Exploit DB Packet Storm
230276 7.5 危険 w3matter - W3matter RevSense の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6310 2012-12-20 19:10 2009-02-26 Show GitHub Exploit DB Packet Storm
230277 7.5 危険 w3matter - W3matter AskPert の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6309 2012-12-20 19:10 2009-02-26 Show GitHub Exploit DB Packet Storm
230278 5.1 警告 PunBB - PunBB 用の PMS におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6308 2012-12-20 19:10 2009-02-26 Show GitHub Exploit DB Packet Storm
230279 4.3 警告 SoftbizScripts - Softbiz Classifieds Script の signinform.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6306 2012-12-20 19:10 2009-02-26 Show GitHub Exploit DB Packet Storm
230280 7.5 危険 toursmanager - ToursManager の tourview.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6303 2012-12-20 19:10 2009-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345831 - zeroboard zeroboard Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. CWE-79
Cross-site Scripting 		CVE-2004-2738 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345832 - phprojekt phprojekt The setup routine (setup.php) in PHProjekt 4.2.1 and earlier allows remote attackers to modify system configuration via unknown attack vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-2739 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345833 - phprojekt phprojekt PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows remote attackers to include arbitrary PHP code via a URL in the path_pre parameter. CWE-94
Code Injection 		CVE-2004-2740 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345834 - horde application_framework Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) module, (2) to… CWE-79
Cross-site Scripting 		CVE-2004-2741 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345835 - businessobjects crystal_enterprise Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report (RP… CWE-79
Cross-site Scripting 		CVE-2004-2742 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345836 - raditha_dissanayake mega_upload_progress_bar upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-2743 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345837 - phplist mailing_list_manager Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has unknown impact and attack vectors, related to a "security update release." NVD-CWE-noinfo
CVE-2004-2744 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345838 - 2wire homeportal Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) i… CWE-22
Path Traversal 		CVE-2004-2749 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345839 - postnuke_software_foundation postnuke SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter. CWE-89
SQL Injection 		CVE-2004-2751 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
345840 - hp hp-ux Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "fil… NVD-CWE-noinfo
CVE-2004-2753 2017-07-29 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm