Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 3, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198121 6.8 警告 foresite cms - foresite CMS の search_de.html におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5643 2012-06-26 15:37 2006-10-31 Show GitHub Exploit DB Packet Storm
198122 7.5 危険 faq administrator - Faq Administrator の faq_reply.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5637 2012-06-26 15:37 2006-10-31 Show GitHub Exploit DB Packet Storm
198123 7.5 危険 ee tool - EE Tool の ip.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5623 2012-06-26 15:37 2006-10-31 Show GitHub Exploit DB Packet Storm
198124 7.5 危険 Coppermine Photo Gallery - Coppermine Photo Gallery の picmgr.php における SQL インジェクションの脆弱性 - CVE-2006-5622 2012-06-26 15:37 2006-10-31 Show GitHub Exploit DB Packet Storm
198125 7.5 危険 ask rave - ask_rave の end.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-5621 2012-06-26 15:37 2006-10-31 Show GitHub Exploit DB Packet Storm
198126 7.5 危険 fully modded phpbb - Teake Nutma Foing の player/includeds/common.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5610 2012-06-26 15:37 2006-10-30 Show GitHub Exploit DB Packet Storm
198127 7.5 危険 Drupal - Drupal 用の xtracker における SQL インジェクションの脆弱性 - CVE-2006-5608 2012-06-26 15:37 2006-10-26 Show GitHub Exploit DB Packet Storm
198128 7.5 危険 bytesfall explorer - bfExplorer における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-5606 2012-06-26 15:37 2006-10-31 Show GitHub Exploit DB Packet Storm
198129 2.1 注意 axalto - Axalto Protiva における権限を取得される脆弱性 - CVE-2006-5600 2012-06-26 15:37 2006-10-27 Show GitHub Exploit DB Packet Storm
198130 7.5 危険 aep networks - AEP Smartgate の SSL サーバにおけるディレクトリトラバーサルの脆弱性 - CVE-2006-5596 2012-06-26 15:37 2006-10-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 4, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Hait Post Grid Elementor Addon allows Stored XSS.This issue affects Post Grid Elementor Addon:… New CWE-79
Cross-site Scripting 		CVE-2024-56268 2025-01-2 22:15 2025-01-2 Show GitHub Exploit DB Packet Storm
92 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CoolPlugins Coins MarketCap allows DOM-Based XSS.This issue affects Coins MarketCap: from n/a thr… New CWE-79
Cross-site Scripting 		CVE-2024-56257 2025-01-2 22:15 2025-01-2 Show GitHub Exploit DB Packet Storm
93 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markyis Cool Olivia allows Reflected XSS.This issue affects Olivia: from n/a through 0.9.5. New CWE-79
Cross-site Scripting 		CVE-2024-56014 2025-01-2 22:15 2025-01-2 Show GitHub Exploit DB Packet Storm
94 - - - Cross-Site Request Forgery (CSRF) vulnerability in CridioStudio ListingPro allows Authentication Bypass.This issue affects ListingPro: from n/a through 2.9.4. New CWE-352
 Origin Validation Error 		CVE-2024-39623 2025-01-2 22:15 2025-01-2 Show GitHub Exploit DB Packet Storm
95 - - - Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search.This issue affects WP Fast Total Search: from n/a through 1.69.234. New CWE-352
 Origin Validation Error 		CVE-2024-38778 2025-01-2 22:15 2025-01-2 Show GitHub Exploit DB Packet Storm
96 - - - Cross-Site Request Forgery (CSRF) vulnerability in Marsian allows Cross Site Request Forgery.This issue affects i-transform: from n/a through 3.0.9. New CWE-352
 Origin Validation Error 		CVE-2024-38764 2025-01-2 22:15 2025-01-2 Show GitHub Exploit DB Packet Storm
97 - - - A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.ht… New CWE-285
CWE-266
Improper Authorization
 Incorrect Privilege Assignment 		CVE-2024-13109 2025-01-2 22:15 2025-01-2 Show GitHub Exploit DB Packet Storm
98 - - - A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulati… New CWE-284
CWE-266
Improper Access Control
 Incorrect Privilege Assignment 		CVE-2024-13108 2025-01-2 22:15 2025-01-2 Show GitHub Exploit DB Packet Storm
99 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ConvertCalculator ConvertCalculator for WordPress allows Stored XSS.This issue affects ConvertCal… New CWE-79
Cross-site Scripting 		CVE-2024-56302 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
100 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fla-shop.com Interactive UK Map allows Stored XSS.This issue affects Interactive UK Map: from n/a… New CWE-79
Cross-site Scripting 		CVE-2024-56267 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm