Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 24, 2025, 12:05 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197121 7.5 危険 DeltaScripts - DeltaScripts PHP Shop の admin/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5648 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197122 5 警告 CMS Made Simple - CMS Made Simple の admin/login.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5642 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197123 7.5 危険 Activewebsoftwares - Active Photo Gallery の account.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5641 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197124 7.5 危険 Activewebsoftwares - Active Bids の bidhistory.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5640 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197125 7.5 危険 Activewebsoftwares - Active Price Comparison における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5638 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197126 7.5 危険 Activewebsoftwares - Active Membership の account.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5635 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197127 7.5 危険 Activewebsoftwares - Active Force Matrix の account.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5634 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197128 7.5 危険 Activewebsoftwares - ActiveVotes の register.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5633 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197129 7.5 危険 Activewebsoftwares - Active Time Billing の Account.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5632 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197130 5 警告 aspapps - ASPTicker におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5603 2012-06-26 16:03 2008-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
781 - - - Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The `FetchVerse` and `FetchPassage` functions in the Bible Module are susceptible to injection… CWE-20
 Improper Input Validation  		CVE-2025-23202 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
782 - - - Caido is a web security auditing toolkit. A Cross-Site Scripting (XSS) vulnerability was identified in Caido v0.45.0 due to improper sanitization in the URL decoding tooltip of HTTP request and respo… CWE-79
Cross-site Scripting 		CVE-2025-23039 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
783 6.3 MEDIUM
Network 		- - A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /expadd.php. The manipulation of the arg… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0540 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
784 - - - WeGIA < 3.2.0 is vulnerable to Cross Site Scripting (XSS) via the dados_addInfo parameter of documentos_funcionario.php. - CVE-2024-57033 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
785 - - - The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Users who use IAM OIDC cus… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2025-23206 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
786 - - - nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users wit… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2025-23205 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
787 - - - stats is a macOS system monitor in for the menu bar. The Stats application is vulnerable to a local privilege escalation due to the insecure implementation of its XPC service. The application registe… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2025-21606 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
788 - - - Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability - CVE-2025-21399 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
789 - - - Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php via the id parameter. - CVE-2024-57030 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm
790 - - - A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Code/log… - CVE-2025-0534 2025-01-18 06:15 2025-01-18 Show GitHub Exploit DB Packet Storm