Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 9, 2025, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198711 6.8 警告 bestwebapp - BestWebApp Dating Site の login_form.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6022 2012-06-26 15:37 2006-11-21 Show GitHub Exploit DB Packet Storm
198712 7.5 危険 bestwebapp - BestWebApp Dating Site のログインコンポーネントにおける SQL インジェクションの脆弱性 - CVE-2006-6021 2012-06-26 15:37 2006-11-21 Show GitHub Exploit DB Packet Storm
198713 6.8 警告 blog torrent - Blog Torrent Preview の announce.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6020 2012-06-26 15:37 2006-11-21 Show GitHub Exploit DB Packet Storm
198714 6.8 警告 bloofox - Bill Roberts Bloo の extensions/googiespell/googlespell_proxy.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6019 2012-06-26 15:37 2006-11-21 Show GitHub Exploit DB Packet Storm
198715 5 警告 アップル - Safari の JavaScript 実装におけるバッファオーバーフローの脆弱性 - CVE-2006-6015 2012-06-26 15:37 2006-11-21 Show GitHub Exploit DB Packet Storm
198716 2.1 注意 trustedbsd
NetBSD
midnightbsd
FreeBSD
dragonflybsd		 - 複数の BSD カーネル製品の IEEE-1394 ドライバ の FW_IOCTL 関数における整数符号化エラーの脆弱性 - CVE-2006-6013 2012-06-26 15:37 2006-11-21 Show GitHub Exploit DB Packet Storm
198717 7.5 危険 Cactusoft International FZ-LLC & Cactusoft Ltd. - wwWeb concepts CactuShop における SQL インジェクションの脆弱性 - CVE-2006-5991 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198718 7.5 危険 aspintranet - ASPintranet の default.asp における SQL インジェクションの脆弱性 - CVE-2006-5987 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198719 6.8 警告 extreme cms - Extreme CMS の admin/options.php における不正な操作を実行される脆弱性 - CVE-2006-5986 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198720 6.8 警告 extreme cms - Extreme CMS の admin/options.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5985 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 9, 2025, 4:56 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
621 6.1 MEDIUM
Network 		- - The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.2. This is due to missing or incorrect nonce validation on a funct… CWE-352
 Origin Validation Error 		CVE-2024-12279 2025-01-4 21:15 2025-01-4 Show GitHub Exploit DB Packet Storm
622 6.5 MEDIUM
Network 		- - The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to SQL Injection via the 'project_id' parameter of the /w… CWE-89
SQL Injection 		CVE-2024-12195 2025-01-4 21:15 2025-01-4 Show GitHub Exploit DB Packet Storm
623 6.1 MEDIUM
Network 		- - The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘_wpnonce’ parameter in all versions up to, and including, 1.6.3 due to insufficient in… CWE-79
Cross-site Scripting 		CVE-2024-12221 2025-01-4 19:15 2025-01-4 Show GitHub Exploit DB Packet Storm
624 - - - A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /details2.php. The manipulation of the argument id leads to s… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0205 2025-01-4 18:15 2025-01-4 Show GitHub Exploit DB Packet Storm
625 9.9 CRITICAL
Network 		- - The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and Arbitrary File Read in all versions up to, and including, 1.3.23 via Twig Server-Side Template Injection. … CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2024-12583 2025-01-4 18:15 2025-01-4 Show GitHub Exploit DB Packet Storm
626 6.4 MEDIUM
Network 		- - The Taskbuilder – WordPress Project & Task Management plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wppm_tasks shortcode in all versions up to, and includi… CWE-79
Cross-site Scripting 		CVE-2024-11930 2025-01-4 18:15 2025-01-4 Show GitHub Exploit DB Packet Storm
627 - - - A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /details.php. The manipulation of the argument … CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0204 2025-01-4 17:15 2025-01-4 Show GitHub Exploit DB Packet Storm
628 6.1 MEDIUM
Network 		- - The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ page’ parameter in all versions up to, and including, 1.1.2 due t… CWE-79
Cross-site Scripting 		CVE-2024-12701 2025-01-4 17:15 2025-01-4 Show GitHub Exploit DB Packet Storm
629 5.4 MEDIUM
Network 		- - The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up t… CWE-352
 Origin Validation Error 		CVE-2024-12545 2025-01-4 17:15 2025-01-4 Show GitHub Exploit DB Packet Storm
630 6.1 MEDIUM
Network 		- - The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘custom_server’ parameter in all versions up to, and including,… CWE-79
Cross-site Scripting 		CVE-2024-12047 2025-01-4 17:15 2025-01-4 Show GitHub Exploit DB Packet Storm