Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 18, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197041 10 危険 BrowserCRM - BrowserCRM の pub/clients.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2689 2012-06-26 16:02 2008-06-13 Show GitHub Exploit DB Packet Storm
197042 7.5 危険 flux cms - Flux CMS の webinc/bxe/scripts/loadsave.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2686 2012-06-26 16:02 2008-06-13 Show GitHub Exploit DB Packet Storm
197043 7.5 危険 battleblog - Battle Blog の article.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2685 2012-06-26 16:02 2008-06-12 Show GitHub Exploit DB Packet Storm
197044 9.3 危険 black ice - Black Ice Barcode SDK の BIDIB.BIDIBCtrl.1 ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2684 2012-06-26 16:02 2008-06-12 Show GitHub Exploit DB Packet Storm
197045 9.3 危険 black ice - Black Ice Barcode SDK の BIDIB.BIDIBCtrl.1 ActiveX コントロールにおける任意のファイルのダウンロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2683 2012-06-26 16:02 2008-06-12 Show GitHub Exploit DB Packet Storm
197046 7.5 危険 erfurtwiki - ErfurtWiki におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2672 2012-06-26 16:02 2008-06-11 Show GitHub Exploit DB Packet Storm
197047 7.5 危険 dcfm blog - DCFM Blog の comments.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2671 2012-06-26 16:02 2008-06-11 Show GitHub Exploit DB Packet Storm
197048 5.1 警告 SUSE - SUSE openSUSE および他のプラットフォーム上の Courier Authentication Library における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2667 2012-06-26 16:02 2008-07-7 Show GitHub Exploit DB Packet Storm
197049 6.8 警告 Preben Bjorn Biermann Madsen - CMSimple の cmsimple/cms.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2650 2012-06-26 16:02 2008-06-10 Show GitHub Exploit DB Packet Storm
197050 7.5 危険 don3 - DesktopOnNet における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2649 2012-06-26 16:02 2008-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 18, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
621 6.4 MEDIUM
Network 		- - The PDF for WPForms + Drag and Drop Template Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's yeepdf_dotab shortcode in all versions up to, and including, 4.… CWE-79
Cross-site Scripting 		CVE-2024-12593 2025-01-15 21:15 2025-01-15 Show GitHub Exploit DB Packet Storm
622 4.3 MEDIUM
Network 		- - The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the nitropack_rml_notification function in all versions up to, and inc… CWE-862
 Missing Authorization 		CVE-2024-11851 2025-01-15 21:15 2025-01-15 Show GitHub Exploit DB Packet Storm
623 8.1 HIGH
Network 		- - The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'nitropack_dismiss_notice_forever' AJAX action in all versions up to, an… CWE-862
 Missing Authorization 		CVE-2024-11848 2025-01-15 21:15 2025-01-15 Show GitHub Exploit DB Packet Storm
624 - - - A stored Cross-site Scripting (XSS) vulnerability exists in the MGate 5121/5122/5123 Series firmware version v1.0 because of insufficient sanitization and encoding of user input in the "Login Message… - CVE-2025-0193 2025-01-15 20:15 2025-01-15 Show GitHub Exploit DB Packet Storm
625 - - - A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiDeceptor 3.x all versions, 4.x all versions, 5.0 all versions, 5.1 all versions, version 5.2.0,… CWE-79
Cross-site Scripting 		CVE-2024-35280 2025-01-15 20:15 2025-01-15 Show GitHub Exploit DB Packet Storm
626 9.8 CRITICAL
Network 		- - The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in versions 2.2.85 to 2.3.3. This is due to the plugin not properly restricting what user meta can be upd… CWE-269
 Improper Privilege Management 		CVE-2024-9636 2025-01-15 19:15 2025-01-15 Show GitHub Exploit DB Packet Storm
627 7.2 HIGH
Network 		- - The Social proof testimonials and reviews by Repuso plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rw_image_badge1' shortcode in all versions up to, and including… CWE-79
Cross-site Scripting 		CVE-2024-13351 2025-01-15 19:15 2025-01-15 Show GitHub Exploit DB Packet Storm
628 6.4 MEDIUM
Network 		- - The WP Smart TV plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tv-video-player' shortcode in all versions up to, and including, 2.1.8 due to insufficient input sa… CWE-79
Cross-site Scripting 		CVE-2024-12818 2025-01-15 19:15 2025-01-15 Show GitHub Exploit DB Packet Storm
629 6.1 MEDIUM
Network 		- - The Contact Form 7 Redirect & Thank You Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.7 due to insuffici… CWE-79
Cross-site Scripting 		CVE-2024-12423 2025-01-15 19:15 2025-01-15 Show GitHub Exploit DB Packet Storm
630 6.1 MEDIUM
Network 		- - The Image Gallery – Responsive Photo Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'awsmgallery' parameter in all versions up to, and including, 1.0.5 due to in… CWE-79
Cross-site Scripting 		CVE-2024-12403 2025-01-15 19:15 2025-01-15 Show GitHub Exploit DB Packet Storm