NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年6月20日4:01

No CVSS レベル
攻撃区分		 ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
355401 4.3 MEDIUM
magnolia content_management_suite Cross-site scripting (XSS) vulnerability in search.html in Magnolia Content Management Suite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NVD-CWE-Other
CVE-2005-4361 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355402 5.0 MEDIUM
komodo komodo_cms SQL injection vulnerability in page.php in Komodo CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter. NVD-CWE-Other
CVE-2005-4362 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355403 5.8 MEDIUM
komodo komodo_cms Cross-site scripting (XSS) vulnerability in the search engine in Komodo CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. NVD-CWE-Other
CVE-2005-4363 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355404 5.8 MEDIUM
hot_banana web_content_management_suite Cross-site scripting (XSS) vulnerability in index.cfm in Hot Banana Web Content Management Suite 5.3 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NVD-CWE-Other
CVE-2005-4364 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355405 4.3 MEDIUM
flip flip Multiple cross-site scripting (XSS) vulnerabilities in FLIP 0.9.0.1029 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter in text.php and (2) frame parameter in … NVD-CWE-Other
CVE-2005-4365 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355406 4.3 MEDIUM
the_collective acuity_cms Cross-site scripting (XSS) vulnerability in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly strSearchKeywords to browse.asp. NVD-CWE-Other
CVE-2005-4369 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355407 4.3 MEDIUM
liquid_bytes_technologies adaptive_website_framework Cross-site scripting (XSS) vulnerability in account.html in Adaptive Website Framework (AWF) 2.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter. NVD-CWE-Other
CVE-2005-4372 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355408 4.3 MEDIUM
allinta allinta Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to faq.asp and (2) searchQuery p… NVD-CWE-Other
CVE-2005-4374 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355409 4.3 MEDIUM
box_uk amaxus Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant … NVD-CWE-Other
CVE-2005-4375 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355410 4.3 MEDIUM
nma baseline_cms Cross-site scripting (XSS) vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) PageID and (2) SiteNodeID parameters. NVD-CWE-Other
CVE-2005-4377 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355411 7.5 HIGH
nma baseline_cms SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to execute arbitrary SQL commands via the SiteNodeID parameter. NVD-CWE-Other
CVE-2005-4378 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355412 4.3 MEDIUM
caravel_cms caravel_cms Multiple cross-site scripting (XSS) vulnerabilities in Caravel CMS 3.0 Beta 1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) fileDN and (2) folderviewer_attrs p… NVD-CWE-Other
CVE-2005-4381 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355413 4.3 MEDIUM
cofax cofax Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. NVD-CWE-Other
CVE-2005-4385 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355414 4.3 MEDIUM
contenite contenite Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. NVD-CWE-Other
CVE-2005-4387 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355415 4.3 MEDIUM
formicary_ltd. epix Cross-site scripting (XSS) vulnerability in EPiX 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search query parameters. NVD-CWE-Other
CVE-2005-4394 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355416 4.3 MEDIUM
farcry farcry Cross-site scripting (XSS) vulnerability in FarCry 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the criteria parameter. NVD-CWE-Other
CVE-2005-4395 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355417 5.0 MEDIUM
random_mouse_software red_queen redqueen.cgi in Red Queen 1.02 and earlier allows remote attackers to obtain the full server path via invalid (1) yellowpage_id, (2) skin_id, (3) supplier_id, and (4) module parameters, which leaks t… NVD-CWE-Other
CVE-2005-4405 2011-03-8 11:28 2005-12-20 表示 GitHub Exploit DB Packet Storm
355418 4.3 MEDIUM
esselbach_internet_solutions esselbach_storyteller_cms Cross-site scripting (XSS) vulnerability in search.php in Esselbach Storyteller CMS 1.8 allows remote attackers to inject arbitrary web script or HTML via the query parameter, which is used by the Se… NVD-CWE-Other
CVE-2005-4433 2011-03-8 11:28 2005-12-21 表示 GitHub Exploit DB Packet Storm
355419 7.8 HIGH
- - Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet i… NVD-CWE-Other
CVE-2005-4464 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355420 7.5 HIGH
nec univerge The Internet Key Exchange version 1 (IKEv1) implementation in NEC UNIVERGE IX1000, IX2000, and IX3000 allows remote attackers to cause a denial of service and possibly execute arbitrary code via craf… NVD-CWE-Other
CVE-2005-4465 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355421 5.0 MEDIUM
avaya modular_messaging_message_storage_server POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted packets. NVD-CWE-Other
CVE-2005-4471 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355422 7.5 HIGH
macromedia jrun Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly … NVD-CWE-Other
CVE-2005-4472 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355423 5.0 MEDIUM
macromedia jrun Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote attackers to view web application source code via "a malformed URL." NVD-CWE-Other
CVE-2005-4473 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355424 7.5 HIGH
phpslash phpslash SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. NVD-CWE-Other
CVE-2005-4479 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355425 4.3 MEDIUM
iatek intranetapp Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ret_page parameter to login.asp or the (2)… NVD-CWE-Other
CVE-2005-4484 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355426 4.3 MEDIUM
ramsite r1_cms Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter. NVD-CWE-Other
CVE-2005-4487 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355427 4.3 MEDIUM
computeroil redakto_cms Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in Redakto WCMS 3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) iid, (2) iid2, (3) r, (4) ca… NVD-CWE-Other
CVE-2005-4488 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355428 4.3 MEDIUM
scoop scoop Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters, and (3) the query strin… NVD-CWE-Other
CVE-2005-4489 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355429 4.3 MEDIUM
commercial_interactive_media scoop Multiple cross-site scripting (XSS) vulnerabilities in SCOOP! 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword and (2) invalid parameter to articleSea… NVD-CWE-Other
CVE-2005-4490 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355430 4.3 MEDIUM
starphire_technologies sitesage
sitesage-ee
sitesage-le
sitesage-sb
sitesage-se 		Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norela… NVD-CWE-Other
CVE-2005-4492 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355431 2.6 LOW
spip spip Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) spip_login.php3 and (2) spip_pass.p… NVD-CWE-Other
CVE-2005-4494 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355432 4.3 MEDIUM
forum_one syntaxcms Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NVD-CWE-Other
CVE-2005-4496 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355433 4.3 MEDIUM
tangora tangora_portal_cms Cross-site scripting (XSS) vulnerability in Tangora Portal CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter in a search page, as demonstrate… NVD-CWE-Other
CVE-2005-4497 2011-03-8 11:28 2005-12-22 表示 GitHub Exploit DB Packet Storm
355434 4.6 MEDIUM
nexus_concepts dev_hound Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges. NVD-CWE-Other
CVE-2005-4506 2011-03-8 11:28 2005-12-23 表示 GitHub Exploit DB Packet Storm
355435 4.3 MEDIUM
nexus_concepts dev_hound Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fiel… NVD-CWE-Other
CVE-2005-4507 2011-03-8 11:28 2005-12-23 表示 GitHub Exploit DB Packet Storm
355436 5.0 MEDIUM
nexus_concepts dev_hound Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file. NVD-CWE-Other
CVE-2005-4508 2011-03-8 11:28 2005-12-23 表示 GitHub Exploit DB Packet Storm
355437 4.3 MEDIUM
wandsoft e-search Cross-site scripting (XSS) vulnerability in WANDSOFT e-SEARCH allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keywords parameter. NVD-CWE-Other
CVE-2005-4513 2011-03-8 11:28 2005-12-23 表示 GitHub Exploit DB Packet Storm
355438 7.5 HIGH
- - Mantis before 0.19.4 allows remote attackers to bypass the file upload size restriction by modifying the max_file_size parameter to (1) bug_file_add.php, (2) bug_report.php, (3) bug_report_advanced_p… NVD-CWE-Other
CVE-2005-4518 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355439 7.5 HIGH
mantis mantis Multiple SQL injection vulnerabilities in the manage user page (manage_user_page.php) in Mantis 1.0.0rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) prefix and (2… NVD-CWE-Other
CVE-2005-4519 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355440 5.0 MEDIUM
mantis mantis Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and earlier have unknown impact and attack vectors. NOTE: due to a lack of relevant details in the vendor changelog, which … NVD-CWE-Other
CVE-2005-4520 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355441 5.0 MEDIUM
- - CRLF injection vulnerability in Mantis 1.0.0rc3 and earlier allows remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via (1) the return parameter in login_cookie_tes… NVD-CWE-Other
CVE-2005-4521 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355442 4.3 MEDIUM
mantis mantis Multiple cross-site scripting (XSS) vulnerabilities in the view_filters_page.php filters script in Mantis 1.0.0rc3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1… NVD-CWE-Other
CVE-2005-4522 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355443 5.0 MEDIUM
mantis mantis Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attackers to obtain sensitive information. NVD-CWE-Other
CVE-2005-4523 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355444 5.0 MEDIUM
- - Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak. NVD-CWE-Other
CVE-2005-4524 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355445 7.5 HIGH
chatspot chatspot SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB allows remote attackers to execute arbitrary SQL commands via unknown vectors. NVD-CWE-Other
CVE-2005-4528 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355446 7.5 HIGH
chatspot chatspot The Chatspot 2.0.0a7 module for phpBB might allow remote attackers to impersonate other users via unknown vectors. NVD-CWE-Other
CVE-2005-4529 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355447 7.5 HIGH
rws statistics_counter SQL injection vulnerability in the "user area" in RWS Statistics Counter before 2.4.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NVD-CWE-Other
CVE-2005-4548 2011-03-8 11:28 2005-12-28 表示 GitHub Exploit DB Packet Storm
355448 5.0 MEDIUM
adtran netvanta The Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to cause a denial of service via crafted IKE packets, as demonstrated by t… NVD-CWE-Other
CVE-2005-4564 2011-03-8 11:28 2005-12-29 表示 GitHub Exploit DB Packet Storm
355449 10.0 HIGH
adtran netvanta Format string vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to have an unknown impact via format string… NVD-CWE-Other
CVE-2005-4565 2011-03-8 11:28 2005-12-29 表示 GitHub Exploit DB Packet Storm
355450 10.0 HIGH
adtran netvanta Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to have an unknown impact via crafted IKE packets, as d… NVD-CWE-Other
CVE-2005-4566 2011-03-8 11:28 2005-12-29 表示 GitHub Exploit DB Packet Storm