Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196281	4.3	警告	ut-files	-	UTStats の pages/match_report.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5007	2011-12-9 14:14	2011-11-2	Show	GitHub Exploit DB Packet Storm

196282	7.5	危険	Denali	-	BrightSuite Groupware における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5008	2011-12-9 14:13	2011-11-2	Show	GitHub Exploit DB Packet Storm

196283	7.5	危険	ut-files	-	UTStats の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5009	2011-12-9 14:12	2011-11-2	Show	GitHub Exploit DB Packet Storm

196284	4.3	警告	FullSite Pty Ltd	-	SchoolMation におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5010	2011-12-9 14:10	2011-11-2	Show	GitHub Exploit DB Packet Storm

196285	7.5	危険	FullSite Pty Ltd	-	SchoolMation における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5011	2011-12-9 14:10	2011-11-2	Show	GitHub Exploit DB Packet Storm

196286	7.5	危険	David Noguera Gutierrez	-	DaLogin における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5012	2011-12-9 14:09	2011-11-2	Show	GitHub Exploit DB Packet Storm

196287	7.5	危険	McKenzie Creations	-	Mckenzie Creations Virtual Real Estate Manager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5013	2011-12-9 14:04	2011-11-2	Show	GitHub Exploit DB Packet Storm

196288	7.5	危険	ELITE　LADDAERS	-	Elite Gaming Ladders における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5014	2011-12-9 14:03	2011-11-2	Show	GitHub Exploit DB Packet Storm

196289	7.5	危険	2daybiz	-	2daybiz Network Community Script における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5015	2011-12-9 14:00	2011-11-2	Show	GitHub Exploit DB Packet Storm

196290	7.5	危険	ELITE　LADDAERS	-	Elite Gaming Ladders における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5016	2011-12-9 14:00	2011-11-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 4, 2024, 8:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
791	6.4	MEDIUM Network	-	-	The RumbleTalk Live Group Chat – HTML5 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode in all versions up to, and including, 6.3…	CWE-79 Cross-site Scripting	CVE-2024-8720	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

792	6.1	MEDIUM Network	-	-	The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.7.0 due to insufficient input sanitizati…	CWE-79 Cross-site Scripting	CVE-2024-8718	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

793	4.3	MEDIUM Network	-	-	The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettre_disconnect_gateway function in all versions up to, and incl…	CWE-862 Missing Authorization	CVE-2024-8675	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

794	6.5	MEDIUM Network	-	-	The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'kbs_ajax_load_fron…	CWE-862 Missing Authorization	CVE-2024-8632	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

795	8.1	HIGH Network	-	-	The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on several functions in all …	CWE-862 Missing Authorization	CVE-2024-8548	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

796	7.2	HIGH Network	-	-	The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. Thi…	CWE-79 Cross-site Scripting	CVE-2024-7869	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

797	8.8	HIGH Network	-	-	The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.1 via deserialization of untrusted input. This makes it possible for authenticated a…	CWE-502 Deserialization of Untrusted Data	CVE-2024-7434	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

798	8.8	HIGH Network	-	-	The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.2 via deserialization of untrusted input. This makes it possible for authenticated …	CWE-502 Deserialization of Untrusted Data	CVE-2024-7433	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

799	8.8	HIGH Network	-	-	The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated …	CWE-502 Deserialization of Untrusted Data	CVE-2024-7432	2024-10-1 17:15	2024-10-1	Show	GitHub Exploit DB Packet Storm

800	6.4	MEDIUM Network	-	-	The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7.18 due to insufficient input sanitization and ou…	CWE-79 Cross-site Scripting	CVE-2024-8107	2024-10-1 16:15	2024-10-1	Show	GitHub Exploit DB Packet Storm