Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193501	4.3	警告	シトリックス・システムズ	-	Citrix EPA ActiveX コントロールにおける任意のプログラムをクライアントシステム上にダウンロードされる脆弱性	-	CVE-2007-3679	2012-06-26 15:46	2007-07-25	Show	GitHub Exploit DB Packet Storm

193502	4.3	警告	Dotclear	-	DotClear の ecrire/tools.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3672	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

193503	5	警告	activereportsexcelreport	-	ActiveReportsExcelReport の EXCLEXPT.DLL におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3667	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

193504	5	警告	eltima software	-	Eltima Software RunService ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3664	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

193505	5	警告	eltima software	-	VSPort.DLL におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3661	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

193506	4.3	警告	fascript	-	Farsi Script FaName におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-3653	2012-06-26 15:46	2008-07-8	Show	GitHub Exploit DB Packet Storm

193507	6.8	警告	fascript	-	Farsi Script FaName の class/page.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-3652	2012-06-26 15:46	2008-07-8	Show	GitHub Exploit DB Packet Storm

193508	4.3	警告	fascript	-	Farsi Script FaName の class/page.php における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-3651	2012-06-26 15:46	2008-07-8	Show	GitHub Exploit DB Packet Storm

193509	4.6	警告	freewrl	-	FreeWRL の doBrowserAction 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-3659	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

193510	7.5	危険	flashgamescript	-	FlashGameScript の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3646	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
661	-		-	-	A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_…	CWE-89 CWE-74 SQL Injection Injection	CVE-2024-11212	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

662	-		-	-	A vulnerability classified as critical has been found in EyouCMS up to 1.6.7. Affected is an unknown function of the component Website Logo Handler. The manipulation leads to unrestricted upload. It …	CWE-284 CWE-434 Improper Access Control Unrestricted Upload of File with Dangerous Type	CVE-2024-11211	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

663	-		-	-	A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the ar…	CWE-22 Path Traversal	CVE-2024-11210	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

664	7.5	HIGH Network	-	-	A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions.	CWE-20 Improper Input Validation	CVE-2022-2232	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

665	-		-	-	An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2. Thi…	CWE-708 Incorrect Ownership Assignment	CVE-2024-9633	2024-11-15 22:58	2024-11-14	Show	GitHub Exploit DB Packet Storm

666	-		-	-	A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /login…	-	CVE-2024-50843	2024-11-15 22:58	2024-11-14	Show	GitHub Exploit DB Packet Storm

667	-		-	-	A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbi…	-	CVE-2024-50842	2024-11-15 22:58	2024-11-14	Show	GitHub Exploit DB Packet Storm

668	-		-	-	A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execu…	-	CVE-2024-50841	2024-11-15 22:58	2024-11-14	Show	GitHub Exploit DB Packet Storm

669	-		-	-	A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary …	-	CVE-2024-50840	2024-11-15 22:58	2024-11-14	Show	GitHub Exploit DB Packet Storm

670	-		-	-	A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbi…	-	CVE-2024-50839	2024-11-15 22:58	2024-11-14	Show	GitHub Exploit DB Packet Storm