Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 20, 2025, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196371 4.3 警告 codetoad - CodeToad ASP Shopping Cart Script におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6500 2012-06-26 16:10 2009-03-20 Show GitHub Exploit DB Packet Storm
196372 5.5 警告 Apache Friends - XAMPP の security/xamppsecurity.php における重要な変数を偽装される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6499 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
196373 6.8 警告 Apache Friends - XAMPP の security/xamppsecurity.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6498 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
196374 5 警告 easy-news - Easy Content Management Publishing におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6493 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
196375 7.5 危険 denis moinel - PHPGKit における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6491 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
196376 7.5 危険 flysforum - FLABER の function/update_xml.php における任意のファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6490 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
196377 7.5 危険 digiappz - Digiappz DigiAffiliate の login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6487 2012-06-26 16:10 2009-03-18 Show GitHub Exploit DB Packet Storm
196378 4.3 警告 BlogEngine.NET - BlogEngine.NET の blog/search.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6476 2012-06-26 16:10 2009-03-16 Show GitHub Exploit DB Packet Storm
196379 7.5 危険 drake team - Drake CMS の components/guestbook/guestbook.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6475 2012-06-26 16:10 2009-03-16 Show GitHub Exploit DB Packet Storm
196380 6.8 警告 edikon - Edikon phpShop におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2008-6455 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 20, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
691 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uri Weil WP Order By allows Reflected XSS.This issue affects WP Order By: from n/a through 1.4.2. CWE-79
Cross-site Scripting 		CVE-2025-22765 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
692 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpwebs Team - VA Jariwala WP Post Corrector allows Reflected XSS.This issue affects WP Post Corre… CWE-79
Cross-site Scripting 		CVE-2025-22764 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
693 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Octrace Studio WordPress HelpDesk & Support Ticket System Plugin – Octrace Support allows Stored … CWE-79
Cross-site Scripting 		CVE-2025-22762 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
694 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Olaf Lederer Ajax Contact Form allows Stored XSS.This issue affects Ajax Contact Form: from n/a t… CWE-79
Cross-site Scripting 		CVE-2025-22761 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
695 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeBard CodeBard Help Desk allows Reflected XSS.This issue affects CodeBard Help Desk: from n/a … CWE-79
Cross-site Scripting 		CVE-2025-22760 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
696 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This i… CWE-79
Cross-site Scripting 		CVE-2025-22759 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
697 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aiwp Elementor AI Addons allows DOM-Based XSS.This issue affects Elementor AI Addons: from n/a th… CWE-79
Cross-site Scripting 		CVE-2025-22758 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
698 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in James Bavington WP Headmaster allows Reflected XSS.This issue affects WP Headmaster: from n/a thr… CWE-79
Cross-site Scripting 		CVE-2025-22755 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
699 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Berkman Center for Internet & Society Amber allows Reflected XSS.This issue affects Amber: from n… CWE-79
Cross-site Scripting 		CVE-2025-22754 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm
700 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dueclic turboSMTP allows Reflected XSS.This issue affects turboSMTP: from n/a through 4.6. CWE-79
Cross-site Scripting 		CVE-2025-22753 2025-01-16 01:15 2025-01-16 Show GitHub Exploit DB Packet Storm