Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 25, 2024, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198001 4.3 警告 JAMWiki - JAMWiki の Special:Login におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5054 2011-11-25 11:46 2010-04-1 Show GitHub Exploit DB Packet Storm
198002 4.3 警告 The GetSimple Team - GetSimple CMS の admin/components.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5052 2011-11-25 11:45 2011-11-23 Show GitHub Exploit DB Packet Storm
198003 4.3 警告 razorCMS - razorCMS の admin/core/admin_func.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5051 2011-11-25 11:44 2011-11-23 Show GitHub Exploit DB Packet Storm
198004 4.3 警告 Zoho Corporation - ManageEngine ADManager Plus におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5050 2011-11-25 11:43 2011-11-23 Show GitHub Exploit DB Packet Storm
198005 7.5 危険 Zabbix - Zabbix の events.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5049 2011-11-25 11:42 2011-11-23 Show GitHub Exploit DB Packet Storm
198006 4.3 警告 JoomlaTune
Joomla!		 - JoomlaTune JComments におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5048 2011-11-25 11:42 2011-11-23 Show GitHub Exploit DB Packet Storm
198007 7.5 危険 V-EVA - V-EVA Press Release Script における任意の SQL コマンドを実行される脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5047 2011-11-25 11:41 2011-11-23 Show GitHub Exploit DB Packet Storm
198008 4.3 警告 ecoCMS - ecoCMS の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5046 2011-11-25 11:40 2011-11-23 Show GitHub Exploit DB Packet Storm
198009 7.5 危険 Alephsystem - CMS Ariadna の detResolucion.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5058 2011-11-25 10:14 2011-11-23 Show GitHub Exploit DB Packet Storm
198010 7.5 危険 Alephsystem - CMS Ariadna の detResolucion.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5057 2011-11-25 10:13 2011-11-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 26, 2024, 5:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211 - - - A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent cha… New - CVE-2024-48140 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
212 - - - A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a craf… New - CVE-2024-48139 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
213 - - - Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service atta… New CWE-270
 Privilege Context Switching Error 		CVE-2024-47173 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
214 - - - baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue. New CWE-79
Cross-site Scripting 		CVE-2024-46998 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
215 - - - baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue. New CWE-79
Cross-site Scripting 		CVE-2024-46996 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
216 - - - baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue. New CWE-79
Cross-site Scripting 		CVE-2024-46995 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
217 - - - baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue. New CWE-79
Cross-site Scripting 		CVE-2024-46994 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
218 - - - php-heic-to-jpg <= 1.0.5 is vulnerable to remote code execution. An attacker who can upload heic images is able to execute code on the remote server via the file name. As a result, the CIA is no long… New - CVE-2024-48514 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
219 - - - Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication. New - CVE-2024-48442 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm
220 - - - Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETS_v3.2.468.11.04_P4 was discovered to contain a command injection vulnerability via the component at_command.asp. New - CVE-2024-48441 2024-10-25 21:56 2024-10-25 Show GitHub Exploit DB Packet Storm