Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 24, 2025, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199821 7.5 危険 delmaa.com - arabhost の function.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1146 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
199822 5 警告 comscripts - J-Web Pics Navigator の jwpn-photos.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1144 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
199823 9.4 危険 barekoncept - pheap の edit.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1140 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
199824 10 危険 cromosoft - Cromosoft SPP における任意のスクリプトをアップロードされる脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1139 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
199825 5 警告 cromosoft - Cromosoft SPP の list_main_pages.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1138 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
199826 6.8 警告 efiction - eFiction における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1118 2012-06-26 15:46 2007-02-26 Show GitHub Exploit DB Packet Storm
199827 6.8 警告 activecalendar - ActiveCalendar におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1111 2012-06-26 15:46 2007-02-26 Show GitHub Exploit DB Packet Storm
199828 5 警告 activecalendar - ActiveCalendar の data/showcode.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1110 2012-06-26 15:46 2007-02-26 Show GitHub Exploit DB Packet Storm
199829 6.8 警告 cs-gallery - Christian Schneider CS-Gallery の index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1108 2012-06-26 15:46 2007-02-26 Show GitHub Exploit DB Packet Storm
199830 7.5 危険 Coppermine Photo Gallery - CPG の thumbnails.php における SQL インジェクションの脆弱性 - CVE-2007-1107 2012-06-26 15:46 2007-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
741 6.4 MEDIUM
Network 		- - The Utilities for MTG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mtglink' shortcode in all versions up to, and including, 1.4.1 due to insufficient input sani… CWE-79
Cross-site Scripting 		CVE-2024-13433 2025-01-18 16:15 2025-01-18 Show GitHub Exploit DB Packet Storm
742 6.1 MEDIUM
Network 		- - The Webcamconsult plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.0. This is due to missing or incorrect nonce validation on a function. Thi… CWE-352
 Origin Validation Error 		CVE-2024-13432 2025-01-18 16:15 2025-01-18 Show GitHub Exploit DB Packet Storm
743 6.4 MEDIUM
Network 		- - The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_videos' shortcode in all versions up to, and i… CWE-79
Cross-site Scripting 		CVE-2024-13393 2025-01-18 16:15 2025-01-18 Show GitHub Exploit DB Packet Storm
744 6.4 MEDIUM
Network 		- - The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_content_up… CWE-79
Cross-site Scripting 		CVE-2024-13391 2025-01-18 16:15 2025-01-18 Show GitHub Exploit DB Packet Storm
745 6.4 MEDIUM
Network 		- - The JSM Screenshot Machine Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ssm' shortcode in all versions up to, and including, 2.3.0 due to insufficient… CWE-79
Cross-site Scripting 		CVE-2024-13385 2025-01-18 16:15 2025-01-18 Show GitHub Exploit DB Packet Storm
746 4.3 MEDIUM
Network 		- - The ShipWorks Connector for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.5. This is due to missing or incorrect nonce validat… CWE-352
 Origin Validation Error 		CVE-2024-13317 2025-01-18 16:15 2025-01-18 Show GitHub Exploit DB Packet Storm
747 6.4 MEDIUM
Network 		- - The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videowhisper_picture_upload_guest shortcode in all ver… CWE-79
Cross-site Scripting 		CVE-2024-12696 2025-01-18 16:15 2025-01-18 Show GitHub Exploit DB Packet Storm
748 6.1 MEDIUM
Network 		- - The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.2. This is due to missing nonce validation on the wpabstracts_load_status()… CWE-352
 Origin Validation Error 		CVE-2024-12385 2025-01-18 16:15 2025-01-18 Show GitHub Exploit DB Packet Storm
749 4.4 MEDIUM
Network 		- - The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version <= 4.1.25 due to insufficient input sanitization and output escaping… CWE-79
Cross-site Scripting 		CVE-2025-0554 2025-01-18 15:15 2025-01-18 Show GitHub Exploit DB Packet Storm
750 5.3 MEDIUM
Network 		- - The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, an… CWE-200
Information Exposure 		CVE-2025-0318 2025-01-18 15:15 2025-01-18 Show GitHub Exploit DB Packet Storm