Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 22, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196891	5	警告	dotnetindex	-	Professional Download Assistant におけるデータベースファイルをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5572	2012-06-26 16:03	2008-12-15	Show	GitHub Exploit DB Packet Storm

196892	7.5	危険	dotnetindex	-	Professional Download Assistant の admin/login.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5571	2012-06-26 16:03	2008-12-15	Show	GitHub Exploit DB Packet Storm

196893	7.5	危険	Activewebsoftwares	-	Active eWebquiz の start.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5631	2012-06-26 16:03	2008-12-17	Show	GitHub Exploit DB Packet Storm

196894	7.5	危険	Activewebsoftwares	-	Active Trade の account.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5627	2012-06-26 16:03	2008-12-17	Show	GitHub Exploit DB Packet Storm

196895	4	警告	dxmsoft	-	XM Easy Personal FTP Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-5626	2012-06-26 16:03	2008-12-17	Show	GitHub Exploit DB Packet Storm

196896	5	警告	aspapps	-	ASP AutoDealer におけるデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5608	2012-06-26 16:03	2008-12-16	Show	GitHub Exploit DB Packet Storm

196897	5	警告	gazatem technologies	-	Gazatem QMail Mailing List Manager におけるデータベースファイルをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5606	2012-06-26 16:03	2008-12-16	Show	GitHub Exploit DB Packet Storm

196898	7.5	危険	aspapps	-	ASP Portal における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5605	2012-06-26 16:03	2008-12-16	Show	GitHub Exploit DB Packet Storm

196899	6.8	警告	drennansoft	-	My Simple Forum の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5604	2012-06-26 16:03	2008-12-16	Show	GitHub Exploit DB Packet Storm

196900	6.8	警告	bonzacart	-	Bonza Cart の admin/ad_settings.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-5567	2012-06-26 16:03	2008-12-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 23, 2025, 5:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
821	-	-	-	Missing Authorization vulnerability in Goldstar Goldstar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Goldstar: from n/a through 2.1.1.	CWE-862 Missing Authorization	CVE-2025-23962	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

822	-	-	-	Missing Authorization vulnerability in WP Tasker WordPress Graphs & Charts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Graphs & Charts: from n…	CWE-862 Missing Authorization	CVE-2025-23961	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

823	-	-	-	Missing Authorization vulnerability in Sur.ly Sur.ly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sur.ly: from n/a through 3.0.3.	CWE-862 Missing Authorization	CVE-2025-23957	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

824	-	-	-	Missing Authorization vulnerability in xola.com Xola allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xola: from n/a through 1.6.	CWE-862 Missing Authorization	CVE-2025-23955	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

825	-	-	-	Missing Authorization vulnerability in AWcode & KingfisherFox Salvador – AI Image Generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salvador – AI Im…	CWE-862 Missing Authorization	CVE-2025-23954	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

826	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DivEngine Gallery: Hybrid – Advanced Visual Gallery allows Stored XSS.This issue affects Gallery:…	CWE-79 Cross-site Scripting	CVE-2025-23951	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

827	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Said Shiripour EZPlayer allows Stored XSS.This issue affects EZPlayer: from n/a through 1.0.10.	CWE-79 Cross-site Scripting	CVE-2025-23950	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

828	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M.J WP-Player allows Stored XSS.This issue affects WP-Player: from n/a through 2.6.1.	CWE-79 Cross-site Scripting	CVE-2025-23947	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

829	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in le Pixel Solitaire Enhanced YouTube Shortcode allows Stored XSS.This issue affects Enhanced YouTu…	CWE-79 Cross-site Scripting	CVE-2025-23946	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

830	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arul PDF.js Shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through 1.0.	CWE-79 Cross-site Scripting	CVE-2025-23943	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm