Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
188791	4.3	警告	Piwigo	-	Piwigo の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2209	2012-08-17 14:36	2012-04-4	Show	GitHub Exploit DB Packet Storm

188792	7.5	危険	Piwigo	-	Piwigo の upgrade.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-2208	2012-08-17 14:35	2012-04-4	Show	GitHub Exploit DB Packet Storm

188793	7.5	危険	Chill Creations	-	Joomla! 用 ccNewsletter コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5099	2012-08-17 14:29	2012-08-14	Show	GitHub Exploit DB Packet Storm

188794	4.3	警告	Timely	-	WordPress 用 All-in-One Event Calendar プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1835	2012-08-17 14:03	2012-08-14	Show	GitHub Exploit DB Packet Storm

188795	7.5	危険	Powerplay Gallery project	-	WordPress 用 Image News slider プラグインにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-4327	2012-08-17 14:00	2012-08-14	Show	GitHub Exploit DB Packet Storm

188796	6.8	警告	AlstraSoft	-	AlstraSoft Site Uptime Enterprise の commonsettings.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4326	2012-08-17 13:58	2012-08-14	Show	GitHub Exploit DB Packet Storm

188797	6.8	警告	Utopia Software	-	Utopia News Pro の upload/users.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4325	2012-08-17 13:53	2012-08-14	Show	GitHub Exploit DB Packet Storm

188798	6.8	警告	PHPJabbers	-	PHPJabbers Vacation Rental Script におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4324	2012-08-17 13:49	2012-08-14	Show	GitHub Exploit DB Packet Storm

188799	2.6	注意	株式会社ミクシィ	-	Android 版 mixi における情報管理不備の脆弱性	CWE-Other その他	CVE-2012-4007	2012-08-17 12:02	2012-08-17	Show	GitHub Exploit DB Packet Storm

188800	6.4	警告	Python Software Foundation	-	Python の utf-16 デコーダにおける重要な情報 (プロセスメモリ) を取得される脆弱性	CWE-DesignError	CVE-2012-2135	2012-08-17 11:14	2012-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
611	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in realmag777 WOLF allows Path Traversal.This issue affects WOLF: from n/a through 1.0.8.3.	CWE-22 Path Traversal	CVE-2024-52396	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

612	-	-	-	Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.1.15.	CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine	CVE-2024-52393	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

613	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in Sage AI Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation allows Upload a Web Shell to a Web Server.This issue a…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-52384	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

614	-	-	-	Missing Authorization vulnerability in KCT Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One allows Exploiting Incorrectly Configured Access Control Security Levels.This iss…	-	CVE-2024-52383	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

615	-	-	-	Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege Escalation.This issue affects Matix Popup Builder: from n/a through 1.0.0.	CWE-862 Missing Authorization	CVE-2024-52382	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

616	-	-	-	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Shoaib Rehmat ZIJ KART allows PHP Local File Inclusion.This issue affects ZIJ …	CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')	CVE-2024-52381	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

617	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in Softpulse Infotech Picsmize allows Upload a Web Shell to a Web Server.This issue affects Picsmize: from n/a through 1.0.0.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-52380	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

618	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in Kinetic Innovative Technologies Sdn Bhd kineticPay for WooCommerce allows Upload a Web Shell to a Web Server.This issue affects kineti…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-52379	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

619	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Labs64 DigiPass allows Absolute Path Traversal.This issue affects DigiPass: from n/a through 0.3.0.	-	CVE-2024-52378	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

620	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in BdThemes Instant Image Generator allows Upload a Web Shell to a Web Server.This issue affects Instant Image Generator: from n/a throug…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-52377	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm