Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 2, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198601 7.5 危険 ScriptsFeed.com - ScriptsFeed Recipes Listing Portal における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5039 2011-12-9 13:40 2011-11-2 Show GitHub Exploit DB Packet Storm
198602 6.8 警告 John Bradshaw - Nucleus 用 NP_Gallery プラグインにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-5040 2011-12-9 13:39 2011-11-2 Show GitHub Exploit DB Packet Storm
198603 7.5 危険 John Bradshaw - Nucleus 用 NP_Gallery プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5041 2011-12-9 13:38 2011-11-2 Show GitHub Exploit DB Packet Storm
198604 4.3 警告 Blue Constant Media Ltd - Joomla! 用 DJ-ArtGallery コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5042 2011-12-9 13:38 2011-11-2 Show GitHub Exploit DB Packet Storm
198605 6 警告 Blue Constant Media Ltd - Joomla! 用 DJ-ArtGallery コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5043 2011-12-9 13:34 2011-11-2 Show GitHub Exploit DB Packet Storm
198606 6 警告 Kanich - Joomla! 用 Search Log コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5044 2011-12-9 13:33 2011-11-2 Show GitHub Exploit DB Packet Storm
198607 4.3 警告 Sell@Site - Smart ASP Survey におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5045 2011-12-9 13:32 2011-11-2 Show GitHub Exploit DB Packet Storm
198608 5.1 警告 FFFTPプロジェクト - FFFTP における実行ファイル読み込みに関する脆弱性 CWE-Other
その他 		CVE-2011-4266 2011-12-9 12:02 2011-12-9 Show GitHub Exploit DB Packet Storm
198609 5 警告 CA Technologies - CA ARCserve D2D の BaseServiceImpl.class における資格情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3011 2011-12-9 10:15 2011-08-9 Show GitHub Exploit DB Packet Storm
198610 4.3 警告 Vtiger - vTiger CRM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4670 2011-12-8 12:30 2011-12-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 2, 2024, 8:17 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
621 6.4 MEDIUM
Network 		- - The WP Baidu Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'baidu_map' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitiz… Update - CVE-2024-9886 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
622 6.4 MEDIUM
Network 		- - The Widget or Sidebar Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sidebar' shortcode in all versions up to, and including, 0.6.1 due to insufficient … Update CWE-79
Cross-site Scripting 		CVE-2024-9885 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
623 6.4 MEDIUM
Network 		- - The T(-) Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tminus' shortcode in all versions up to, and including, 2.4.8 due to insufficient input sanitiza… Update CWE-79
Cross-site Scripting 		CVE-2024-9884 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
624 7.3 HIGH
Network 		- - The The Enable Shortcodes inside Widgets,Comments and Experts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.0. This is due to the softw… Update CWE-94
Code Injection 		CVE-2024-9846 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
625 6.1 MEDIUM
Network 		- - The Subscribe to Comments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and inclu… Update CWE-79
Cross-site Scripting 		CVE-2024-8792 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
626 6.4 MEDIUM
Network 		- - The Ultimate TinyMCE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'field' shortcode in all versions up to, and including, 5.7 due to insufficient input sanitization and o… Update - CVE-2024-8627 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
627 - - - A vulnerability, which was classified as critical, has been found in Codezips Online Institute Management System 1.0. This issue affects some unknown processing of the file /login.php. The manipulati… Update - CVE-2024-10509 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
628 - - - A vulnerability classified as critical was found in Codezips Free Exam Hall Seating Management System 1.0. This vulnerability affects unknown code of the file /login.php. The manipulation of the argu… Update CWE-89
SQL Injection 		CVE-2024-10507 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
629 - - - A vulnerability classified as critical has been found in code-projects Blood Bank System 1.0. This affects an unknown part of the file /admin/blood/update/B-.php. The manipulation of the argument Blo… Update CWE-89
SQL Injection 		CVE-2024-10506 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm
630 - - - The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessin… Update CWE-73
 External Control of File Name or Path 		CVE-2023-5816 2024-11-1 21:57 2024-10-30 Show GitHub Exploit DB Packet Storm