Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 20, 2025, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195201 7.5 危険 andrew charlton
WordPress.org		 - WordPress の My Category Order プラグインの mycategoryorder.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4748 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
195202 4.3 警告 dreamlevels - Dreamlevels DreamPoll の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4746 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
195203 7.5 危険 dreamlevels - Dreamlevels DreamPoll の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4745 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
195204 4.3 警告 AfterLogic - AfterLogic WebMail Pro の history-storage.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4743 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
195205 7.5 危険 Docebo - Docebo における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4742 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
195206 7.5 危険 Allomani - Allomani Audio & Video Library の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4735 2012-06-26 16:19 2010-03-18 Show GitHub Exploit DB Packet Storm
195207 7.5 危険 Allomani - Allomani Movies Library の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4734 2012-06-26 16:19 2010-03-18 Show GitHub Exploit DB Packet Storm
195208 7.5 危険 boldfx - Model Agency Manager PRO の photos.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4731 2012-06-26 16:19 2010-03-18 Show GitHub Exploit DB Packet Storm
195209 5.1 警告 Arab Portal - Arab Portal の modules/aljazeera/admin/setup.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4725 2012-06-26 16:19 2010-03-18 Show GitHub Exploit DB Packet Storm
195210 7.5 危険 andrews-web - A-W BannerAd の Admin/index.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4721 2012-06-26 16:19 2010-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 20, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
561 - - - A vulnerability classified as critical has been found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file product_list.php. The manipulation of the argument cat leads to sql inj… - CVE-2025-0488 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
562 - - - TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg. - CVE-2024-57022 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
563 - - - TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg. - CVE-2024-57021 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
564 - - - TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg. - CVE-2024-57020 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
565 - - - TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg. - CVE-2024-57019 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
566 - - - TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAccountCfg. - CVE-2024-57018 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
567 - - - TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg. - CVE-2024-57017 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
568 - - - An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a crafted Modbus message. - CVE-2024-50953 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
569 - - - An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions - CVE-2025-22968 2025-01-17 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
570 - - - Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. - CVE-2024-57483 2025-01-17 01:15 2025-01-15 Show GitHub Exploit DB Packet Storm