Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 30, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195931 4.3 警告 VideoWhisper.com - VideoWhisper PHP 2 Way Video Chat コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4971 2011-12-9 14:19 2011-11-2 Show GitHub Exploit DB Packet Storm
195932 7.5 危険 OlyKit - OlyKit Swoopo Clone 2010 の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4997 2011-12-9 14:18 2011-11-2 Show GitHub Exploit DB Packet Storm
195933 7.5 危険 Maulana Al Matien - ardeaCore PHP Framework におけるリモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4998 2011-12-9 14:18 2011-11-2 Show GitHub Exploit DB Packet Storm
195934 7.5 危険 Joe Pieruccini - MCLogin System の login/login_index.php におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5000 2011-12-9 14:17 2011-11-2 Show GitHub Exploit DB Packet Storm
195935 7.5 危険 2daybiz - 2daybiz Polls Script の searchvote.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5004 2011-12-9 14:16 2011-11-2 Show GitHub Exploit DB Packet Storm
195936 4.3 警告 Rayzz - Rayzz Photoz の members/profileCommentsResponse.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5005 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
195937 7.5 危険 Emophp Programming - EMO Realty Manager の googlemap/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5006 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
195938 4.3 警告 ut-files - UTStats の pages/match_report.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5007 2011-12-9 14:14 2011-11-2 Show GitHub Exploit DB Packet Storm
195939 7.5 危険 Denali - BrightSuite Groupware における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5008 2011-12-9 14:13 2011-11-2 Show GitHub Exploit DB Packet Storm
195940 7.5 危険 ut-files - UTStats の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5009 2011-12-9 14:12 2011-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 30, 2024, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
681 - - - Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile pict… CWE-79
Cross-site Scripting 		CVE-2024-9198 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
682 - - - The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output … CWE-79
Cross-site Scripting 		CVE-2024-9173 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
683 6.4 MEDIUM
Network 		- - The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alignment’ parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitizati… CWE-79
Cross-site Scripting 		CVE-2024-9127 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
684 6.4 MEDIUM
Network 		- - The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping… CWE-79
Cross-site Scripting 		CVE-2024-9125 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
685 6.4 MEDIUM
Network 		- - The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output esc… CWE-79
Cross-site Scripting 		CVE-2024-9117 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
686 6.4 MEDIUM
Network 		- - The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and… CWE-79
Cross-site Scripting 		CVE-2024-9115 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
687 7.2 HIGH
Network 		- - The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization a… CWE-79
Cross-site Scripting 		CVE-2022-4541 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
688 - - - Power Platform Terraform Provider allows managing environments and other resources within Power Platform. Versions prior to 3.0.0 have an issue in the Power Platform Terraform Provider where sensitiv… - CVE-2024-47083 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
689 - - - Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the Emp Name parameter. - CVE-2023-51157 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
690 - - - Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1. - CVE-2024-47315 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm