Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 2, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191661	7.5	危険	e107.org	-	e107 における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4548	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191662	7.5	危険	exbb	-	ExBB における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4544	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191663	7.5	危険	Cerberus, LLC	-	Cerberus Helpdesk の Client Support Center における重要な情報を取得される脆弱性	-	CVE-2006-4539	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191664	2.1	注意	dec	-	OpenVMS ALPHA の DECnet-Plus におけるパスワードを取得される脆弱性	CWE-200 情報漏えい	CVE-2006-4537	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191665	7.5	危険	cms frogss	-	CMS Frogss の module/rejestracja.php における SQL インジェクションの脆弱性	-	CVE-2006-4536	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191666	7.5	危険	bernard pacques	-	YACS CMS の articles/article.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4532	2012-06-26 15:37	2006-09-1	Show	GitHub Exploit DB Packet Storm

191667	7.5	危険	bare concept media	-	Pheap CMS の lib/config.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4531	2012-06-26 15:37	2006-09-1	Show	GitHub Exploit DB Packet Storm

191668	2.6	注意	devellion	-	CubeCart における PHP リモートファイルインクルージョン攻撃を誘発する脆弱性	-	CVE-2006-4527	2012-06-26 15:37	2006-08-28	Show	GitHub Exploit DB Packet Storm

191669	7.5	危険	devellion	-	CubeCart の includes/content/viewCat.inc.php における SQL インジェクションの脆弱性	-	CVE-2006-4526	2012-06-26 15:37	2006-08-28	Show	GitHub Exploit DB Packet Storm

191670	4.3	警告	devellion	-	CubeCart におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4525	2012-06-26 15:37	2006-08-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 3, 2024, 5:55 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1021	6.1	MEDIUM Network	fatcatapps	pixel_cat	The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions u…	CWE-79 Cross-site Scripting	CVE-2024-8544	2024-09-27 21:57	2024-09-24	Show	GitHub Exploit DB Packet Storm

1022	5.4	MEDIUM Network	ggnome	garden_gnome_package	The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ggpkg shortcode in all versions up to, and including, 2.2.9 due to insufficient input sanit…	CWE-79 Cross-site Scripting	CVE-2024-8657	2024-09-27 21:56	2024-09-24	Show	GitHub Exploit DB Packet Storm

1023	6.1	MEDIUM Network	ibericode	koko_analytics	The Koko Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1…	CWE-79 Cross-site Scripting	CVE-2024-8662	2024-09-27 21:54	2024-09-24	Show	GitHub Exploit DB Packet Storm

1024	4.3	MEDIUM Network	themify	themify_builder	The Themify Builder plugin for WordPress is vulnerable to unauthorized post duplication due to missing checks on the duplicate_page_ajaxify function in all versions up to, and including, 7.6.1. This …	CWE-863 Incorrect Authorization	CVE-2024-7836	2024-09-27 21:53	2024-08-22	Show	GitHub Exploit DB Packet Storm

1025	7.2	HIGH Network	presstigers	simple_job_board	The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.12.3 via deserialization of untrusted input when editing job applications. This…	CWE-502 Deserialization of Untrusted Data	CVE-2024-7351	2024-09-27 21:48	2024-08-24	Show	GitHub Exploit DB Packet Storm

1026	8.8	HIGH Network	radiustheme	classified_listing	Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Classified Listing plugin <= 2.4.5 versions.	CWE-352 Origin Validation Error	CVE-2023-37387	2024-09-27 21:41	2023-07-18	Show	GitHub Exploit DB Packet Storm

1027	6.1	MEDIUM Network	radiustheme	classified_listing	The Classified Listing Pro WordPress plugin before 2.0.20 does not escape a generated URL before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting	CWE-79 Cross-site Scripting	CVE-2022-2655	2024-09-27 21:41	2022-09-16	Show	GitHub Exploit DB Packet Storm

1028	6.1	MEDIUM Network	radiustheme	classima classima_core classified_listing_store_\&_membership classified_listing	The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.2…	CWE-79 Cross-site Scripting	CVE-2022-2654	2024-09-27 21:41	2022-09-16	Show	GitHub Exploit DB Packet Storm

1029	7.5	HIGH Network	apache	inlong	Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attac…	CWE-74 Injection	CVE-2023-43667	2024-09-27 21:15	2023-10-16	Show	GitHub Exploit DB Packet Storm

1030	7.8	HIGH Local	hitachi	eh-view	UNSUPPORTED WHEN ASSIGNED Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially disclos…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2023-39984	2024-09-27 11:15	2023-08-23	Show	GitHub Exploit DB Packet Storm