Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 13, 2025, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199211	6.8	警告	blue dragon	-	Php Blue Dragon の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4960	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

199212	4.3	警告	Drupal	-	Drupal の Site Profile Directory におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4949	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

199213	6.8	警告	Drupal	-	Drupal の Search Keywords モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4947	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

199214	5.1	警告	cmsdevelopment	-	BCWB の include/startup.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4946	2012-06-26 15:37	2006-09-22	Show	GitHub Exploit DB Packet Storm

199215	5.1	警告	cardway	-	Cardway DigitalWebShop における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4945	2012-06-26 15:37	2006-09-22	Show	GitHub Exploit DB Packet Storm

199216	7.5	危険	boesch-it	-	ProgSys の includes/pear/Net/DNS/RR.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4944	2012-06-26 15:37	2006-09-22	Show	GitHub Exploit DB Packet Storm

199217	4.3	警告	esyndicat portal system	-	eSyndiCat Portal System の search.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4923	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

199218	7.5	危険	ASP indir	-	TR の uye_profil.asp における SQL インジェクションの脆弱性	-	CVE-2006-4916	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

199219	2.6	注意	a.l-pifou	-	A.l-Pifou におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4914	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

199220	7.5	危険	AlstraSoft	-	AlstraSoft E-friends の chat/getStartOptions.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4913	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 13, 2025, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
631	6.4	MEDIUM Network	-	-	The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider Widget in all versions up to, and including, 2.2.4 due to insufficient input …	CWE-79 Cross-site Scripting	CVE-2024-12205	2025-01-8 14:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

632	6.5	MEDIUM Network	-	-	The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'key' attribute of the 'mdf_value' shortcode in all versions up to, and including, 1.3.3.5 due t…	CWE-89 SQL Injection	CVE-2024-12030	2025-01-8 14:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

633	8.8	HIGH Network	-	-	The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to modification of data due to a missing capability check on several functions in all versions up to, and including, 1.3…	CWE-862 Missing Authorization	CVE-2024-11271	2025-01-8 14:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

634	8.8	HIGH Network	-	-	The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the 'sync-import-imgs' function and missing file type va…	CWE-862 Missing Authorization	CVE-2024-11270	2025-01-8 14:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

635	-		-	-	Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.	-	CVE-2024-56456	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

636	-		-	-	Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.	-	CVE-2024-56455	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

637	-		-	-	Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.	-	CVE-2024-56454	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

638	-		-	-	Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.	-	CVE-2024-56453	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

639	-		-	-	Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.	-	CVE-2024-56452	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

640	-		-	-	Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.	-	CVE-2024-56451	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm