Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188571 7.5 危険 kjetiltroan - WebMaid CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1266 2012-09-25 17:38 2010-04-6 Show GitHub Exploit DB Packet Storm
188572 7.5 危険 IBM - IBM Web Interface for Content Management における脆弱性 CWE-noinfo
情報不足 		CVE-2010-1243 2012-09-25 17:38 2010-03-31 Show GitHub Exploit DB Packet Storm
188573 4.3 警告 IBM - IBM Web Interface for Content Management におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1242 2012-09-25 17:38 2010-03-31 Show GitHub Exploit DB Packet Storm
188574 5 警告 MoinMoin - MoinMoin における textcha の保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1238 2012-09-25 17:38 2010-04-5 Show GitHub Exploit DB Packet Storm
188575 9.3 危険 マイクロソフト - Microsoft Virtual PC 2007 などの Virtual Machine Monitor におけるデータ漏洩保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1225 2012-09-25 17:38 2010-04-1 Show GitHub Exploit DB Packet Storm
188576 4.3 警告 mm forum - TYPO3 用の mm_forum エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1218 2012-09-25 17:38 2010-03-30 Show GitHub Exploit DB Packet Storm
188577 4.3 警告 je form creator - Joomla! 用の JE Form Creator コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1217 2012-09-25 17:38 2010-03-30 Show GitHub Exploit DB Packet Storm
188578 6.8 警告 notsopureedit - notsoPureEdit の templates/template.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1216 2012-09-25 17:38 2010-03-30 Show GitHub Exploit DB Packet Storm
188579 5 警告 Mozilla Foundation - Bugzilla の Search.pm におけるタイムトラッキング情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1204 2012-09-25 17:38 2010-06-24 Show GitHub Exploit DB Packet Storm
188580 4.3 警告 ikiwiki - ikiwiki の htmlscrubber コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1195 2012-09-25 17:38 2010-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
731 6.4 MEDIUM
Network 		- - The CanadaHelps Embedded Donation Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'embedcdn' shortcode in all versions up to, and including, 1.0.0 due to insuf… CWE-79
Cross-site Scripting 		CVE-2024-11778 2025-02-19 17:15 2025-02-19 Show GitHub Exploit DB Packet Storm
732 6.4 MEDIUM
Network 		- - The UMich OIDC Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'umich_oidc_button' shortcode in all versions up to, and including, 1.2.0 due to insufficient i… CWE-79
Cross-site Scripting 		CVE-2024-11753 2025-02-19 17:15 2025-02-19 Show GitHub Exploit DB Packet Storm
733 6.4 MEDIUM
Network 		- - The UltraEmbed – Advanced Iframe Plugin For WordPress with Gutenberg Block Included plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframe' shortcode in all versio… CWE-79
Cross-site Scripting 		CVE-2024-11335 2025-02-19 17:15 2025-02-19 Show GitHub Exploit DB Packet Storm
734 - - - Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory - CVE-2025-0633 2025-02-19 16:15 2025-02-19 Show GitHub Exploit DB Packet Storm
735 - - - Movable Type contains a reflected cross-site scripting vulnerability in the user information edit page. When Multi-Factor authentication plugin is enabled and a user accesses a crafted page while log… CWE-79
Cross-site Scripting 		CVE-2025-25054 2025-02-19 15:15 2025-02-19 Show GitHub Exploit DB Packet Storm
736 - - - Movable Type contains a stored cross-site scripting vulnerability in the HTML edit mode of MT Block Editor. It is exploitable when TinyMCE6 is used as a rich text editor and an arbitrary script may b… CWE-79
Cross-site Scripting 		CVE-2025-24841 2025-02-19 15:15 2025-02-19 Show GitHub Exploit DB Packet Storm
737 - - - Movable Type contains a stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor. If exploited, an arbitrary script may be executed on a logged-in user's web browser. CWE-79
Cross-site Scripting 		CVE-2025-22888 2025-02-19 15:15 2025-02-19 Show GitHub Exploit DB Packet Storm
738 6.4 MEDIUM
Network 		- - The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Import Data From File feature in all versions up to, and inc… CWE-79
Cross-site Scripting 		CVE-2025-1065 2025-02-19 15:15 2025-02-19 Show GitHub Exploit DB Packet Storm
739 6.4 MEDIUM
Network 		- - The User Private Files – File Upload & Download Manager with Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘new-fldr-name’ parameter in all versions up… CWE-79
Cross-site Scripting 		CVE-2024-13799 2025-02-19 15:15 2025-02-19 Show GitHub Exploit DB Packet Storm
740 6.1 MEDIUM
Network 		- - The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1007. This is due to missing or incorrect nonce val… CWE-352
 Origin Validation Error 		CVE-2025-1441 2025-02-19 14:15 2025-02-19 Show GitHub Exploit DB Packet Storm