Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205791 9.3 危険 Parallels - Parallels Plesk Panel の Control Panel における詳細不明な脆弱性 CWE-DesignError
CVE-2011-4854 2011-12-20 14:40 2011-12-16 Show GitHub Exploit DB Packet Storm
205792 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4853 2011-12-20 14:38 2011-12-16 Show GitHub Exploit DB Packet Storm
205793 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4852 2011-12-20 14:38 2011-12-16 Show GitHub Exploit DB Packet Storm
205794 9.3 危険 Parallels - Parallels Plesk Panel の Control Panel における認証を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4851 2011-12-20 14:13 2011-12-16 Show GitHub Exploit DB Packet Storm
205795 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4850 2011-12-20 14:12 2011-12-16 Show GitHub Exploit DB Packet Storm
205796 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における Cookie をキャプチャされる脆弱性 CWE-200
情報漏えい 		CVE-2011-4849 2011-12-20 14:11 2011-12-16 Show GitHub Exploit DB Packet Storm
205797 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4848 2011-12-20 14:10 2011-12-16 Show GitHub Exploit DB Packet Storm
205798 7.5 危険 Parallels - Parallels Plesk Panel の Control Panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4847 2011-12-20 12:23 2011-12-16 Show GitHub Exploit DB Packet Storm
205799 4.3 警告 Parallels - Parallels Plesk Panel の Site Editor 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4777 2011-12-20 12:23 2011-12-16 Show GitHub Exploit DB Packet Storm
205800 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4776 2011-12-20 12:22 2011-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 5, 2025, 4:56 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258401 - cold_bbs cold_bbs Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for db/cforum.mdb. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5597 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258402 - phpmygallery phpmygallery Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to list arbitrary directories via a .. (dot dot) in the group parameter. CWE-22
Path Traversal 		CVE-2008-5598 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258403 - merlix teamworx_server SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. NOTE: … CWE-89
SQL Injection 		CVE-2008-5599 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258404 - merlix teamworx_server Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for teamworx.… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5600 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258405 - robs-projects asp_user_engine User Engine Lite ASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users.mdb. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5601 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258406 - natterchat natterchat Natterchat 1.12 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for natterchat112.md… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5602 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258407 - aspapps aspticker ASPTicker 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for news.mdb. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5603 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258408 - drennansoft my_simple_forum Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot do… CWE-22
Path Traversal 		CVE-2008-5604 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258409 - aspapps aspportal Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp. CWE-89
SQL Injection 		CVE-2008-5605 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm
258410 - gazatem_technologies qmail_mailing_list_manager Gazatem QMail Mailing List Manager 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct reque… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5606 2017-09-29 10:32 2008-12-17 Show GitHub Exploit DB Packet Storm