Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188171 4.3 警告 SQLiteManager - SQLiteManager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5105 2012-09-26 16:45 2012-09-23 Show GitHub Exploit DB Packet Storm
188172 4.3 警告 UBB Systems - UBB.threads の forums/ubbthreads.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5104 2012-09-26 16:44 2012-09-23 Show GitHub Exploit DB Packet Storm
188173 4.3 警告 Denis Nelubin - Ggb Guestbook の action/add-submit.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5103 2012-09-26 16:44 2012-01-5 Show GitHub Exploit DB Packet Storm
188174 4.3 警告 Dariusz Handzlik - VertrigoServ の inc/extensions.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5102 2012-09-26 16:43 2012-09-23 Show GitHub Exploit DB Packet Storm
188175 7.5 危険 Joomla Extension Development - Joomla! 用 JExtensions JE Poll コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-5101 2012-09-26 16:42 2012-09-23 Show GitHub Exploit DB Packet Storm
188176 5 警告 luizpicanco - HServer におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-5100 2012-09-26 16:41 2012-09-23 Show GitHub Exploit DB Packet Storm
188177 4.3 警告 PHPB2B - PHPB2B の list.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5099 2012-09-26 16:40 2012-09-23 Show GitHub Exploit DB Packet Storm
188178 7.5 危険 Php-X-Links - Php-X-Links における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-5098 2012-09-26 16:40 2012-09-23 Show GitHub Exploit DB Packet Storm
188179 7.5 危険 ヒューレット・パッカード - HP SiteScope の SOAP 機能における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-3264 2012-09-26 16:38 2012-09-19 Show GitHub Exploit DB Packet Storm
188180 10 危険 ヒューレット・パッカード - HP SiteScope の SOAP 機能における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-3263 2012-09-26 16:37 2012-09-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 24, 2025, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
621 - - - The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accou… CWE-290
 Authentication Bypass by Spoofing 		CVE-2022-3180 2025-02-19 03:15 2025-02-12 Show GitHub Exploit DB Packet Storm
622 - - - In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to… - CVE-2025-0526 2025-02-19 03:15 2025-02-11 Show GitHub Exploit DB Packet Storm
623 - - - An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remot… - CVE-2025-26411 2025-02-19 03:15 2025-02-11 Show GitHub Exploit DB Packet Storm
624 - - - The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered credentials… - CVE-2025-26410 2025-02-19 03:15 2025-02-11 Show GitHub Exploit DB Packet Storm
625 - - - A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login promp… - CVE-2025-26409 2025-02-19 03:15 2025-02-11 Show GitHub Exploit DB Packet Storm
626 - - - The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to e… - CVE-2025-26408 2025-02-19 03:15 2025-02-11 Show GitHub Exploit DB Packet Storm
627 - - - In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in furth… - CVE-2025-0525 2025-02-19 03:15 2025-02-11 Show GitHub Exploit DB Packet Storm
628 4.7 MEDIUM
Network 		- - A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file process_users_del.php. The manipulation of the … CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-1173 2025-02-19 03:15 2025-02-11 Show GitHub Exploit DB Packet Storm
629 7.2 HIGH
Network 		- - The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 2.8.1 due to insu… CWE-79
Cross-site Scripting 		CVE-2024-12599 2025-02-19 03:15 2025-02-11 Show GitHub Exploit DB Packet Storm
630 6.5 MEDIUM
Network 		mayurik best_church_management_software A vulnerability was found in SourceCodester Best Church Management Software 1.1. It has been classified as critical. This affects an unknown part of the file /admin/app/role_crud.php. The manipulatio… CWE-89
SQL Injection 		CVE-2025-1199 2025-02-19 03:06 2025-02-12 Show GitHub Exploit DB Packet Storm