Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 9, 2025, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202811 7.5 危険 Joomla!
Jextensions		 - Joomla! 用 JExtensions JE Director コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4862 2012-02-9 11:07 2011-10-5 Show GitHub Exploit DB Packet Storm
202812 7.5 危険 webSPELL - webSPELL の asearch.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4861 2012-02-9 11:06 2011-10-5 Show GitHub Exploit DB Packet Storm
202813 7.5 危険 Galaxyscriptz - MyPhpAuction の product_desc.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4860 2012-02-9 11:05 2011-10-5 Show GitHub Exploit DB Packet Storm
202814 7.5 危険 WebAsyst - WebAsyst Shop-Script の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4859 2012-02-9 11:05 2011-10-5 Show GitHub Exploit DB Packet Storm
202815 5 警告 Joerg Risse - DNET Live-Stats の team.rc5-72.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4858 2012-02-9 11:04 2011-10-5 Show GitHub Exploit DB Packet Storm
202816 7.5 危険 Curtiss Grymala - CAG CMS の click.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4857 2012-02-9 11:03 2011-10-5 Show GitHub Exploit DB Packet Storm
202817 7.5 危険 ASP indir - xWeblog の arsiv.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4856 2012-02-9 11:03 2011-10-5 Show GitHub Exploit DB Packet Storm
202818 7.5 危険 ASP indir - xWeblog の oku.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4855 2012-02-9 11:02 2011-10-5 Show GitHub Exploit DB Packet Storm
202819 6.8 警告 Zuitu - Zuitu の ajax/coupon.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4854 2012-02-9 11:02 2011-10-5 Show GitHub Exploit DB Packet Storm
202820 7.5 危険 Chill Creations - Joomla! 用 ccInvoices コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4853 2012-02-9 11:01 2011-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 10, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1151 - - - An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS … - CVE-2024-12912 2025-01-2 18:15 2025-01-2 Show GitHub Exploit DB Packet Storm
1152 - - - The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present. - CVE-2024-56830 2025-01-2 14:15 2025-01-2 Show GitHub Exploit DB Packet Storm
1153 - - - The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys. - CVE-2002-20002 2025-01-2 14:15 2025-01-2 Show GitHub Exploit DB Packet Storm
1154 - - - Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection. - CVE-2025-22214 2025-01-2 13:15 2025-01-2 Show GitHub Exploit DB Packet Storm
1155 9.8 CRITICAL
Network 		- - The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for the API used to query user tokens… - CVE-2024-13061 2025-01-2 11:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1156 - - - A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument per… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0168 2025-01-1 23:15 2025-01-1 Show GitHub Exploit DB Packet Storm
1157 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibnuyahya Category Post Shortcode allows Stored XSS.This issue affects Category Post Shortcode: f… CWE-79
Cross-site Scripting 		CVE-2024-56021 2025-01-1 09:15 2025-01-1 Show GitHub Exploit DB Packet Storm
1158 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mario Di Pasquale SvegliaT Buttons allows Stored XSS.This issue affects SvegliaT Buttons: from n/… CWE-79
Cross-site Scripting 		CVE-2024-56020 2025-01-1 09:15 2025-01-1 Show GitHub Exploit DB Packet Storm
1159 - - - Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. - CVE-2024-23438 2025-01-1 09:15 2025-01-1 Show GitHub Exploit DB Packet Storm
1160 - - - Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. - CVE-2024-23437 2025-01-1 09:15 2025-01-1 Show GitHub Exploit DB Packet Storm