Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 4, 2025, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202971	4.3	警告	Zen Cart	-	Zen Cart におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4567	2011-11-30 16:34	2011-11-29	Show	GitHub Exploit DB Packet Storm

202972	4.3	警告	Zen Cart	-	Zen Cart におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4547	2011-11-30 16:34	2011-11-29	Show	GitHub Exploit DB Packet Storm

202973	4.3	警告	Hastymail	-	Hastymail2 の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4541	2011-11-30 16:32	2011-11-29	Show	GitHub Exploit DB Packet Storm

202974	4.3	警告	XOOPS	-	XOOPS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4565	2011-11-30 16:32	2011-10-3	Show	GitHub Exploit DB Packet Storm

202975	4.3	警告	Activedev	-	Active CMS の admin script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4564	2011-11-30 16:31	2011-11-28	Show	GitHub Exploit DB Packet Storm

202976	4.3	警告	JAKCMS	-	JAKCMS の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4563	2011-11-30 16:27	2011-09-22	Show	GitHub Exploit DB Packet Storm

202977	4.3	警告	Phorum	-	Phorum の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4561	2011-11-30 16:24	2011-11-28	Show	GitHub Exploit DB Packet Storm

202978	3.5	注意	Drupal	-	Drupal の Petition Node モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4560	2011-11-30 16:23	2011-10-5	Show	GitHub Exploit DB Packet Storm

202979	7.5	危険	Vtiger	-	vTiger CRM の Calendar モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4559	2011-11-30 16:22	2011-11-28	Show	GitHub Exploit DB Packet Storm

202980	4.3	警告	Contao	-	Contao におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4335	2011-11-29 16:28	2011-11-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 4, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1111	6.4	MEDIUM Network	-	-	The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.6.46 due to insufficient input…	CWE-79 Cross-site Scripting	CVE-2024-11230	2024-12-23 14:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1112	-		-	-	A vulnerability classified as critical was found in FoxCMS up to 1.2. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint…	CWE-285 CWE-266 Improper Authorization Incorrect Privilege Assignment	CVE-2024-12901	2024-12-23 11:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1113	-		-	-	A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipula…	CWE-94 CWE-74 Code Injection Injection	CVE-2024-12900	2024-12-23 11:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1114	-		-	-	home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS command may be executed with the root privilege by an admini…	CWE-78 OS Command	CVE-2024-54082	2024-12-23 10:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1115	-		-	-	Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote …	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2024-52321	2024-12-23 10:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1116	-		-	-	home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the pro…	CWE-120 Classic Buffer Overflow	CVE-2024-47864	2024-12-23 10:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1117	-		-	-	Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker.	CWE-489 Exposure of Data Element to Wrong Session	CVE-2024-46873	2024-12-23 10:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1118	-		-	-	home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. An arbitrary OS command may be executed with the root…	CWE-78 OS Command	CVE-2024-45721	2024-12-23 10:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1119	-		-	-	A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/course_action.php. T…	CWE-89 CWE-74 SQL Injection Injection	CVE-2024-12899	2024-12-23 10:15	2024-12-23	Show	GitHub Exploit DB Packet Storm

1120	-		-	-	A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/faculty_action.php. …	CWE-89 CWE-74 SQL Injection Injection	CVE-2024-12898	2024-12-23 10:15	2024-12-23	Show	GitHub Exploit DB Packet Storm