Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 24, 2025, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197261 6.5 警告 e107.org - e107 の usersettings.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5320 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
197262 7.8 危険 アップル
マイクロソフト		 - Apple iPhone Configuration Web Utility の Web インターフェースにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5315 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
197263 6.8 警告 Bharat Mediratta - Gallery における管理者権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-5296 2012-06-26 16:03 2008-11-21 Show GitHub Exploit DB Packet Storm
197264 7.5 危険 bdigital web solutions - WebStudio eCatalogue の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5294 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
197265 7.5 危険 bdigital web solutions - WebStudio eHotel の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5293 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
197266 7.5 危険 fuzzylime - FuzzyLime の code/track.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5291 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
197267 6.4 警告 ghh - GHH File Upload Manager におけるアップロードされたファイルを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5283 2012-06-26 16:03 2008-11-28 Show GitHub Exploit DB Packet Storm
197268 6.8 警告 dmitry baryshev - ksquirrel-libs の kernel/kls_hdr/fmt_codec_hdr.cpp におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5263 2012-06-26 16:03 2009-02-26 Show GitHub Exploit DB Packet Storm
197269 7.5 危険 devil - DevIL の src-IL/src/il_hdr.c の iGetHdrHeader 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5262 2012-06-26 16:03 2009-01-13 Show GitHub Exploit DB Packet Storm
197270 9.3 危険 アクシスコミュニケーションズ - AXIS Camera Control の CamImage.CamImage.1 ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5260 2012-06-26 16:03 2009-01-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
941 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jérémy Heleine WP Photo Sphere allows Stored XSS.This issue affects WP Photo Sphere: from n/a thr… CWE-79
Cross-site Scripting 		CVE-2025-23924 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
942 - - - Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through 1.0. CWE-352
 Origin Validation Error 		CVE-2025-23922 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
943 - - - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Ella van Durpe Slides & Presentations allows Code Injection.This issue affects Slides & Presentations: f… CWE-80
Basic XSS 		CVE-2025-23919 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
944 - - - Missing Authorization vulnerability in Chandrika Guntur, Morgan Kay Chamber Dashboard Business Directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cha… CWE-862
 Missing Authorization 		CVE-2025-23917 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
945 - - - Missing Authorization vulnerability in Nuanced Media WP Meetup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meetup: from n/a through 2.3.0. CWE-862
 Missing Authorization 		CVE-2025-23916 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
946 - - - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion.This issue affects FAT … CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2025-23915 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
947 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pankajpragma, rahulpragma WordPress Google Map Professional allows SQL Injection.This issue affec… CWE-89
SQL Injection 		CVE-2025-23913 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
948 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typomedia Foundation WordPress Custom Sidebar allows Blind SQL Injection.This issue affects WordP… CWE-89
SQL Injection 		CVE-2025-23912 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
949 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solidres Team Solidres – Hotel booking plugin allows SQL Injection.This issue affects Solidres – … CWE-89
SQL Injection 		CVE-2025-23911 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
950 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Common Ninja Compare Ninja allows Stored XSS.This issue affects Compare Ninja: from n/a through 2… CWE-79
Cross-site Scripting 		CVE-2025-23909 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm