Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189261	7.5	危険	Mozilla Foundation	-	Bugzilla の Bug.create WebService 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3165	2012-09-25 17:27	2009-09-11	Show	GitHub Exploit DB Packet Storm

189262	4.3	警告	multi-website	-	Multi Website におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3162	2012-09-25 17:27	2009-09-10	Show	GitHub Exploit DB Packet Storm

189263	7.8	危険	IBM	-	IBM WebSphere MQ のサーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-3161	2012-09-25 17:27	2009-09-10	Show	GitHub Exploit DB Packet Storm

189264	8.8	危険	IBM	-	IBM WebSphere MQ における脆弱性	CWE-noinfo 情報不足	CVE-2009-3160	2012-09-25 17:27	2009-09-10	Show	GitHub Exploit DB Packet Storm

189265	7.8	危険	IBM	-	IBM WebSphere MQ の rriDecompress 関数におけるサービス運用妨害 (DoS) 状態となる脆弱性	CWE-noinfo 情報不足	CVE-2009-3159	2012-09-25 17:27	2009-09-10	Show	GitHub Exploit DB Packet Storm

189266	3.5	注意	Karen Stevenson	-	Drupal 用の Calendar モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3157	2012-09-25 17:27	2009-07-29	Show	GitHub Exploit DB Packet Storm

189267	4.3	警告	nt	-	NTSOFT BBS E-Market Professional の becommunity/community/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3152	2012-09-25 17:27	2009-09-10	Show	GitHub Exploit DB Packet Storm

189268	7.5	危険	multi-website	-	Multi Website の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3150	2012-09-25 17:27	2009-09-10	Show	GitHub Exploit DB Packet Storm

189269	7.5	危険	Mozilla Foundation	-	Bugzilla の Bug.search WebService 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3125	2012-09-25 17:27	2009-09-11	Show	GitHub Exploit DB Packet Storm

189270	5	警告	ipmotor	-	QuarkMail の get_message.cgi におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-3124	2012-09-25 17:27	2009-09-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 5, 2025, 4:56 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1191	-		-	-	Cross Site Scripting vulnerability in nbubna store v.2.14.2 and before allows a remote attacker to execute arbitrary code via the store.deep.js component	-	CVE-2024-57556	2025-01-25 06:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1192	6.1	MEDIUM Network	themify	themify_builder	The Themify Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, …	CWE-79 Cross-site Scripting	CVE-2024-13319	2025-01-25 06:06	2025-01-22	Show	GitHub Exploit DB Packet Storm

1193	7.2	HIGH Network	aipower	aipower	The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_conten…	CWE-502 Deserialization of Untrusted Data	CVE-2025-0428	2025-01-25 05:56	2025-01-22	Show	GitHub Exploit DB Packet Storm

1194	4.3	MEDIUM Network	thimpress	wp_hotel_booking	The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hotel_booking_load_order_user AJAX action in all versions up to, and in…	CWE-862 Missing Authorization	CVE-2024-13447	2025-01-25 05:53	2025-01-22	Show	GitHub Exploit DB Packet Storm

1195	7.2	HIGH Network	aipower	aipower	The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_conten…	CWE-502 Deserialization of Untrusted Data	CVE-2025-0429	2025-01-25 05:51	2025-01-22	Show	GitHub Exploit DB Packet Storm

1196	7.3	HIGH Network	gamipress	gamipress	The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipress_ajax_get_logs…	CWE-94 Code Injection	CVE-2024-13495	2025-01-25 05:46	2025-01-22	Show	GitHub Exploit DB Packet Storm

1197	7.5	HIGH Network	gamipress	gamipress	The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versi…	CWE-89 SQL Injection	CVE-2024-13496	2025-01-25 05:45	2025-01-22	Show	GitHub Exploit DB Packet Storm

1198	7.3	HIGH Network	gamipress	gamipress	The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipress_do_shortcode() fu…	CWE-94 Code Injection	CVE-2024-13499	2025-01-25 05:37	2025-01-22	Show	GitHub Exploit DB Packet Storm

1199	3.5	LOW Network	-	-	A vulnerability was found in fumiao opencms 2.2. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/model/addOrUpdate of the component Add Model Managemen…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0708	2025-01-25 05:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1200	7.8	HIGH Local	-	-	A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as critical. This affects an unknown part in the library CRYPTBASE.dll of the component Startup. The manipulatio…	CWE-426 Untrusted Search Path	CVE-2025-0707	2025-01-25 05:15	2025-01-25	Show	GitHub Exploit DB Packet Storm