Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 30, 2025, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
189951 6.8 警告 niclor - nicLOR Sito の includefile.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2008-6290 2012-09-25 17:27 2009-02-26 Show GitHub Exploit DB Packet Storm
189952 7.8 危険 interface-medien - Interface Medien ibase の download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2008-6288 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
189953 6.5 警告 ortus.nirn - CMS Ortus の engine/users/users_edit_pub.inc における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-6282 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
189954 6.8 警告 mjcreation - FamilyProject の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-6274 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
189955 6 警告 myktools - MyKtools の configuration_script.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2008-6273 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
189956 7.5 危険 miticdjd - Dragan Mitic Apoll の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-6272 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
189957 7.5 危険 miticdjd - Dragan Mitic Apoll の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-6270 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
189958 7.5 危険 joovili - Joovili における管理者を含むユーザ権限を取得される脆弱性 CWE-287
不適切な認証
CVE-2008-6269 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
189959 7.5 危険 infireal - SaturnCMS の lib/user/t_user.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-6263 2012-09-25 17:27 2009-02-24 Show GitHub Exploit DB Packet Storm
189960 7.5 危険 infireal - SaturnCMS の lib/url/meta_url.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-6262 2012-09-25 17:27 2009-02-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 30, 2025, 4:10 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
531 4.3 MEDIUM
Network
- - A vulnerability has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. Affected by this vulnerability is the function qrCode of the file sr… CWE-601
Open Redirect
CVE-2025-0705 2025-01-25 04:15 2025-01-25 Show GitHub Exploit DB Packet Storm
532 5.3 MEDIUM
Network
- - A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. Affected is the function qrCode of the file src/main/java/io/gith… CWE-404
CWE-400
 Improper Resource Shutdown or Release
 Uncontrolled Resource Consumption
CVE-2025-0704 2025-01-25 04:15 2025-01-25 Show GitHub Exploit DB Packet Storm
533 4.3 MEDIUM
Network
- - A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This issue affects some unknown processing of the file src/m… CWE-22
Path Traversal
CVE-2025-0703 2025-01-25 04:15 2025-01-25 Show GitHub Exploit DB Packet Storm
534 - - - The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entit… CWE-611
XXE
CVE-2024-52807 2025-01-25 04:15 2025-01-25 Show GitHub Exploit DB Packet Storm
535 - - - An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. A user with high privileges is able to inject SQL in… - CVE-2024-55573 2025-01-25 04:15 2025-01-24 Show GitHub Exploit DB Packet Storm
536 - - - An issue was discovered in Centreon Web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. A user with high privileges is able to achieve SQL injection … - CVE-2024-53923 2025-01-25 04:15 2025-01-24 Show GitHub Exploit DB Packet Storm
537 - - - A NULL pointer dereference in the ngap_app::handle_receive routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP mess… - CVE-2024-24442 2025-01-25 04:15 2025-01-22 Show GitHub Exploit DB Packet Storm
538 5.4 MEDIUM
Network
gambit stackable The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter of the Button block in all versions up to, and including, 3.1… CWE-79
Cross-site Scripting
CVE-2024-12117 2025-01-25 04:05 2025-01-22 Show GitHub Exploit DB Packet Storm
539 5.4 MEDIUM
Network
aipower aipower The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.96 via the wpaicg_troubleshoot_add_vector(). This makes it p… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2024-13360 2025-01-25 03:58 2025-01-22 Show GitHub Exploit DB Packet Storm
540 8.8 HIGH
Network
aipower aipower The AI Power: Complete AI Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpaicg_save_image_media function in all versions up to, and including… CWE-862
 Missing Authorization
CVE-2024-13361 2025-01-25 03:55 2025-01-22 Show GitHub Exploit DB Packet Storm