Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226501	7.5	危険	Pligg	-	Pligg CMS の submit.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6968	2012-12-20 19:10	2009-08-13	Show	GitHub Exploit DB Packet Storm

226502	7.5	危険	X7 Group	-	X7 Chat のログインページにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6964	2012-12-20 19:10	2009-08-13	Show	GitHub Exploit DB Packet Storm

226503	7.5	危険	turnkeyforms	-	TurnkeyForms Text Link Sales の admin.php における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6963	2012-12-20 19:10	2009-08-13	Show	GitHub Exploit DB Packet Storm

226504	5	警告	x10media	-	X10media x10 Automatic Mp3 Search Engine Script の download.php における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6960	2012-12-20 19:10	2009-08-12	Show	GitHub Exploit DB Packet Storm

226505	7.5	危険	wowraidmanager	-	WoW Raid Manager の auth/auth_phpbb3.php における認証を回避される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-7050	2012-12-20 19:10	2008-10-13	Show	GitHub Exploit DB Packet Storm

226506	7.5	危険	Simple Machines	-	SMF のパスワードリセット機能における他のユーザのパスワードを変更される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-6971	2012-12-20 19:10	2008-09-7	Show	GitHub Exploit DB Packet Storm

226507	7.5	危険	UBB Systems	-	UBB.threads の dosearch.inc.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6970	2012-12-20 19:10	2008-09-2	Show	GitHub Exploit DB Packet Storm

226508	10	危険	raidsonic	-	RaidSonic ICY BOX NAS の userHandler.cgi における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-7081	2012-12-20 19:10	2009-08-25	Show	GitHub Exploit DB Packet Storm

226509	5	警告	phpclassifiedsscript	-	Team PHP PHP Classifieds Script におけるデータベース資格情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-7080	2012-12-20 19:10	2009-08-25	Show	GitHub Exploit DB Packet Storm

226510	7.5	危険	relative	-	SailPlanner における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-7077	2012-12-20 19:10	2009-08-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313181	5.4	MEDIUM Network	3ds	3dexperience	A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execu…	CWE-79 Cross-site Scripting	CVE-2024-6378	2024-08-22 00:53	2024-08-20	Show	GitHub Exploit DB Packet Storm

313182	9.8	CRITICAL Network	gotribe	gotribe-admin	A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log…	CWE-502 Deserialization of Untrusted Data	CVE-2024-8003	2024-08-22 00:51	2024-08-20	Show	GitHub Exploit DB Packet Storm

313183	9.8	CRITICAL Network	demozx	gf_cms	A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This affects the function init of the file internal/logic/auth/auth.go of the component JWT Authentication. T…	CWE-798 Use of Hard-coded Credentials	CVE-2024-8005	2024-08-22 00:49	2024-08-20	Show	GitHub Exploit DB Packet Storm

313184	9.8	CRITICAL Network	newlib_project	newlib	An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.	CWE-190 Integer Overflow or Wraparound	CVE-2024-30949	2024-08-22 00:48	2024-08-21	Show	GitHub Exploit DB Packet Storm

313185	-		-	-	The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins	-	CVE-2024-6843	2024-08-22 00:35	2024-08-19	Show	GitHub Exploit DB Packet Storm

313186	5.4	MEDIUM Network	adonesevangelista	laravel_property_management_system	A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/no…	CWE-79 Cross-site Scripting	CVE-2024-7945	2024-08-22 00:25	2024-08-20	Show	GitHub Exploit DB Packet Storm

313187	8.8	HIGH Network	adonesevangelista	laravel_property_management_system	A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been classified as critical. Affected is the function UpdateDocumentsRequest of the file DocumentsController.p…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-7944	2024-08-22 00:24	2024-08-20	Show	GitHub Exploit DB Packet Storm

313188	-		-	-	Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/domain_management.php?whitelist_add	-	CVE-2024-42612	2024-08-21 23:35	2024-08-21	Show	GitHub Exploit DB Packet Storm

313189	8.8	HIGH Network	siamonhasan	warehouse_inventory_system	A Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.	CWE-352 Origin Validation Error	CVE-2024-42577	2024-08-21 23:35	2024-08-20	Show	GitHub Exploit DB Packet Storm

313190	-		-	-	Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting function. This vulnerability allows attackers to post several comments before the spam protection checks…	-	CVE-2024-35539	2024-08-21 23:35	2024-08-20	Show	GitHub Exploit DB Packet Storm