Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 20, 2025, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194961 6.8 警告 DesDev Inc. - DeDeCMS の include/userlogin.class.php における管理者アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-1097 2012-06-26 16:19 2010-03-24 Show GitHub Exploit DB Packet Storm
194962 6.8 警告 1024cms - 1024 CMS の rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1093 2012-06-26 16:19 2010-03-24 Show GitHub Exploit DB Packet Storm
194963 5 警告 corejoomla
Joomla!		 - Core Joomla! の communitypolls コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1081 2012-06-26 16:19 2010-03-23 Show GitHub Exploit DB Packet Storm
194964 4.3 警告 entrylevelcms - EL CMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1076 2012-06-26 16:19 2010-03-23 Show GitHub Exploit DB Packet Storm
194965 7.5 危険 entrylevelcms - EL CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1075 2012-06-26 16:19 2010-03-23 Show GitHub Exploit DB Packet Storm
194966 5 警告 ASP indir - Erolife AjxGaleri VT におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1064 2012-06-26 16:19 2010-03-23 Show GitHub Exploit DB Packet Storm
194967 4.3 警告 alexandre dubus - AudiStat の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1052 2012-06-26 16:19 2010-03-22 Show GitHub Exploit DB Packet Storm
194968 7.5 危険 alexandre dubus - AudiStat の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1051 2012-06-26 16:19 2010-03-22 Show GitHub Exploit DB Packet Storm
194969 7.5 危険 alexandre dubus - AudiStat の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1050 2012-06-26 16:19 2010-03-22 Show GitHub Exploit DB Packet Storm
194970 7.5 危険 Joomla!
design-cars		 - Joomla! 用の Productbook コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1045 2012-06-26 16:19 2010-03-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 20, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311 - - - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Ella van Durpe Slides & Presentations allows Code Injection.This issue affects Slides & Presentations: f… CWE-80
Basic XSS 		CVE-2025-23919 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
312 - - - Missing Authorization vulnerability in Chandrika Guntur, Morgan Kay Chamber Dashboard Business Directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cha… CWE-862
 Missing Authorization 		CVE-2025-23917 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
313 - - - Missing Authorization vulnerability in Nuanced Media WP Meetup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meetup: from n/a through 2.3.0. CWE-862
 Missing Authorization 		CVE-2025-23916 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
314 - - - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion.This issue affects FAT … CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2025-23915 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
315 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pankajpragma, rahulpragma WordPress Google Map Professional allows SQL Injection.This issue affec… CWE-89
SQL Injection 		CVE-2025-23913 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
316 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typomedia Foundation WordPress Custom Sidebar allows Blind SQL Injection.This issue affects WordP… CWE-89
SQL Injection 		CVE-2025-23912 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
317 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solidres Team Solidres – Hotel booking plugin allows SQL Injection.This issue affects Solidres – … CWE-89
SQL Injection 		CVE-2025-23911 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
318 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Common Ninja Compare Ninja allows Stored XSS.This issue affects Compare Ninja: from n/a through 2… CWE-79
Cross-site Scripting 		CVE-2025-23909 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
319 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rami Yushuvaev Pastebin allows Stored XSS.This issue affects Pastebin: from n/a through 1.5. CWE-79
Cross-site Scripting 		CVE-2025-23908 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
320 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in closed SOCIAL.NINJA allows Stored XSS. This issue affects SOCIAL.NINJA: from n/a through 0.2. CWE-79
Cross-site Scripting 		CVE-2025-23907 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm