Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 19, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195091 7.5 危険 anything-digital
Joomla!		 - Joomla! の Anything Digital Development JCal Pro コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4431 2012-06-26 16:18 2009-12-28 Show GitHub Exploit DB Packet Storm
195092 3.5 注意 Drupal
alexander hass		 - Drupal の Sections モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4429 2012-06-26 16:18 2009-12-16 Show GitHub Exploit DB Packet Storm
195093 7.5 危険 Deon George - phpLDAPadmin のcmd.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4427 2012-06-26 16:18 2009-12-28 Show GitHub Exploit DB Packet Storm
195094 4.3 警告 aditus - Aditus Consulting JpGraph の GetURLArguments 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4422 2012-06-26 16:18 2009-12-24 Show GitHub Exploit DB Packet Storm
195095 6.5 警告 Alexander Palmo - Simple PHP Blog の languages_cgi.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4421 2012-06-26 16:18 2009-12-24 Show GitHub Exploit DB Packet Storm
195096 7.5 危険 edgewall - Trac における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-4405 2012-06-26 16:18 2009-12-23 Show GitHub Exploit DB Packet Storm
195097 7.5 危険 daniel ptzinger
TYPO3 Association		 - TYPO3 用の Document Directorys 拡張機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4393 2012-06-26 16:18 2009-12-22 Show GitHub Exploit DB Packet Storm
195098 4.3 警告 daniel regelein
TYPO3 Association		 - TYPO3 用の File list 拡張機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4391 2012-06-26 16:18 2009-12-22 Show GitHub Exploit DB Packet Storm
195099 4.3 警告 frank krger
TYPO3 Association		 - TYPO3 の nl_listman 拡張におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4388 2012-06-26 16:18 2009-12-22 Show GitHub Exploit DB Packet Storm
195100 7.5 危険 bookingcentre - Venalsur Booking Centre Booking System の hotel_tiempolibre_ext.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4386 2012-06-26 16:18 2009-12-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 19, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
401 - - - Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeria Web Design Web Testimonials allows Stored XSS.This issue affects Web Testimonials: from n/a through 1.2. New CWE-352
 Origin Validation Error 		CVE-2025-23560 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
402 - - - Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5. New CWE-352
 Origin Validation Error 		CVE-2025-23559 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
403 - - - Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged Media allows Stored XSS.This issue affects Geotagged Media: from n/a through 0.3.0. New CWE-352
 Origin Validation Error 		CVE-2025-23558 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
404 - - - Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2. New CWE-352
 Origin Validation Error 		CVE-2025-23557 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
405 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Login Page allows Reflected XSS.This issue affects LH Login Page: from n/a through … New CWE-79
Cross-site Scripting 		CVE-2025-23547 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
406 - - - Cross-Site Request Forgery (CSRF) vulnerability in Oren hahiashvili add custom google tag manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through 1.0.3. New CWE-352
 Origin Validation Error 		CVE-2025-23537 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
407 - - - Cross-Site Request Forgery (CSRF) vulnerability in Adrian Moreno WP Lyrics allows Stored XSS.This issue affects WP Lyrics: from n/a through 0.4.1. New CWE-352
 Origin Validation Error 		CVE-2025-23533 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
408 - - - Cross-Site Request Forgery (CSRF) vulnerability in Regios MyAnime Widget allows Privilege Escalation.This issue affects MyAnime Widget: from n/a through 1.0. New CWE-352
 Origin Validation Error 		CVE-2025-23532 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
409 - - - Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of Social Ink Custom Post Type Lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through … New CWE-352
 Origin Validation Error 		CVE-2025-23530 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
410 - - - Incorrect Privilege Assignment vulnerability in Wouter Dijkstra DD Roles allows Privilege Escalation.This issue affects DD Roles: from n/a through 4.1. New CWE-266
 Incorrect Privilege Assignment 		CVE-2025-23528 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm