Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230631	6.8	警告	simplog	-	Simpliciti Locked Browser におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4058	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230632	7.5	危険	the address book reloaded the address book	-	katzlbt Address Book などの認証プロセスにおける SQL インジェクションの脆弱性	-	CVE-2006-4056	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230633	7.5	危険	tsep	-	Olaf Noehring TSEP における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4055	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230634	7.5	危険	turnkey web tools	-	Turnkey Web Tools PHP Simple Shop における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4052	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230635	7.5	危険	turnkey web tools	-	Turnkey Web Tools PHP Live Helper の global.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4051	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230636	2.1	注意	サン・マイクロシステムズ	-	Sun Ray Server Software のユーティリティ utxconfig における任意のファイルを上書きされる脆弱性	-	CVE-2006-4049	2012-12-20 18:02	2006-07-7	Show	GitHub Exploit DB Packet Storm

230637	7.5	危険	torbstoff	-	Torbstoff News の news.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4045	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230638	7.5	危険	pike	-	Pike における SQL インジェクションの脆弱性	-	CVE-2006-4041	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230639	7.5	危険	zonemetrics	-	ZoneMetrics ZoneX Publishers Gold Edition の includes/usercp_register.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4036	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230640	10	危険	WordPress.org	-	WordPress における脆弱性	CWE-noinfo 情報不足	CVE-2006-4028	2012-12-20 18:02	2006-07-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211841	4.8	MEDIUM Network	chadhaajay	phpkb	The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (…	CWE-79 Cross-site Scripting	CVE-2020-10395	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211842	4.8	MEDIUM Network	chadhaajay	phpkb	The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mar…	CWE-79 Cross-site Scripting	CVE-2020-10394	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211843	4.8	MEDIUM Network	chadhaajay	phpkb	The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-field.php by adding a question mark (…	CWE-79 Cross-site Scripting	CVE-2020-10393	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211844	4.8	MEDIUM Network	chadhaajay	phpkb	The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mar…	CWE-79 Cross-site Scripting	CVE-2020-10392	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211845	4.8	MEDIUM Network	chadhaajay	phpkb	The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-article.php by adding a question mark…	CWE-79 Cross-site Scripting	CVE-2020-10391	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211846	7.2	HIGH Network	chadhaajay	phpkb	OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by savin…	CWE-78 OS Command	CVE-2020-10390	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211847	7.2	HIGH Network	chadhaajay	phpkb	admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by injecting PHP code into any POST parameter when saving global settings.	CWE-94 Code Injection	CVE-2020-10389	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211848	5.4	MEDIUM Network	chadhaajay	phpkb	The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-…	CWE-79 Cross-site Scripting	CVE-2020-10388	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211849	4.9	MEDIUM Network	chadhaajay	phpkb	Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter fil…	CWE-22 Path Traversal	CVE-2020-10387	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm

211850	7.2	HIGH Network	chadhaajay	phpkb	admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-10386	2024-11-21 13:55	2020-03-12	Show	GitHub Exploit DB Packet Storm