Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 7, 2025, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207061	2.6	注意	富士通九州システムズ	-	e-Pares におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-2151	2010-06-2 15:04	2010-06-2	Show	GitHub Exploit DB Packet Storm

207062	4.3	警告	富士通九州システムズ	-	e-Pares におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2150	2010-06-2 15:02	2010-06-2	Show	GitHub Exploit DB Packet Storm

207063	2.1	注意	アドビシステムズ	-	Adobe ColdFusion における重要な情報を取得される脆弱性	CWE-200 CWE-noinfo	CVE-2010-1294	2010-06-2 12:14	2010-05-11	Show	GitHub Exploit DB Packet Storm

207064	4.3	警告	アドビシステムズ	-	Adobe ColdFusion の Administrator ページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1293	2010-06-2 12:14	2010-05-11	Show	GitHub Exploit DB Packet Storm

207065	4.3	警告	アドビシステムズ	-	Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3467	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

207066	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の pami RIFF chunk 構文解析における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-1292	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

207067	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1291	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

207068	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1290	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

207069	9.3	危険	ジャストシステム	-	一太郎シリーズにおける任意のコードが実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-2152	2010-06-1 16:01	2010-06-1	Show	GitHub Exploit DB Packet Storm

207070	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1289	2010-06-1 15:45	2010-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 7, 2025, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1161	5.3	MEDIUM Network	-	-	The MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions like 'marketking…	CWE-862 Missing Authorization	CVE-2024-12413	2024-12-25 13:15	2024-12-25	Show	GitHub Exploit DB Packet Storm

1162	8.8	HIGH Network	-	-	The WP Travel Engine – Elementor Widgets \| Create Travel Booking Website Using WordPress and Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including,…	CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')	CVE-2024-12272	2024-12-25 13:15	2024-12-25	Show	GitHub Exploit DB Packet Storm

1163	4.3	MEDIUM Network	-	-	The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to unauthorized access of data due to a …	CWE-862 Missing Authorization	CVE-2024-12190	2024-12-25 13:15	2024-12-25	Show	GitHub Exploit DB Packet Storm

1164	6.5	MEDIUM Network	-	-	The Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin \| WooCommerce Booking plugin for WordPress is vulnerable to SQL Injection via the 'enquiry_id' parameter of t…	CWE-89 SQL Injection	CVE-2024-12032	2024-12-25 13:15	2024-12-25	Show	GitHub Exploit DB Packet Storm

1165	-		-	-	A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. Affected by this issue is some unknown functionality of the file /usuarios/tipos/2 of the compon…	-	CVE-2024-12893	2024-12-25 12:15	2024-12-22	Show	GitHub Exploit DB Packet Storm

1166	-		-	-	A vulnerability classified as problematic was found in code-projects Online Exam Mastering System 1.0. Affected by this vulnerability is an unknown functionality of the file /sign.php?q=account.php. …	-	CVE-2024-12892	2024-12-25 12:15	2024-12-22	Show	GitHub Exploit DB Packet Storm

1167	-		-	-	A vulnerability classified as critical has been found in code-projects Online Exam Mastering System 1.0. Affected is an unknown function of the file /account.php?q=quiz&step=2. The manipulation of th…	-	CVE-2024-12891	2024-12-25 12:15	2024-12-22	Show	GitHub Exploit DB Packet Storm

1168	-		-	-	A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /update.php?q=quiz&step=2. The manip…	-	CVE-2024-12890	2024-12-25 12:15	2024-12-22	Show	GitHub Exploit DB Packet Storm

1169	-		-	-	A reflected cross-site scripting vulnerability in MONITORAPP Application Insight Web Application Firewall (AIWAF) <= 4.1.6 and <=5.0 was identified on the subpage `/process_management/process_status.…	-	CVE-2021-40959	2024-12-25 12:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1170	-		-	-	A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the '…	-	CVE-2024-55239	2024-12-25 12:15	2024-12-19	Show	GitHub Exploit DB Packet Storm