Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 2:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228291 7.5 危険 turnkeyforms - TurnkeyForms Local Classifieds における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6302 2012-12-20 19:10 2009-02-26 Show GitHub Exploit DB Packet Storm
228292 7.5 危険 prezmo - phpBB 用の Small ShoutBox モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6301 2012-12-20 19:10 2009-02-26 Show GitHub Exploit DB Packet Storm
228293 7.5 危険 toursmanager - Tours Manager の cityview.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6289 2012-12-20 19:10 2009-02-26 Show GitHub Exploit DB Packet Storm
228294 4.3 警告 subtextproject - Subtext におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6283 2012-12-20 19:10 2009-02-25 Show GitHub Exploit DB Packet Storm
228295 7.8 危険 rakhisoftware - RakhiSoftware Price Comparison Script における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-6279 2012-12-20 19:10 2009-02-25 Show GitHub Exploit DB Packet Storm
228296 4.3 警告 rakhisoftware - RakhiSoftware Price Comparison Script の product.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6278 2012-12-20 19:10 2009-02-25 Show GitHub Exploit DB Packet Storm
228297 7.5 危険 rakhisoftware - RakhiSoftware Price Comparison Script の product.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6277 2012-12-20 19:10 2009-02-25 Show GitHub Exploit DB Packet Storm
228298 6.8 警告 tbmnet - TBmnetCMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6271 2012-12-20 19:10 2009-02-25 Show GitHub Exploit DB Packet Storm
228299 7.5 危険 sadi samami - WEBBDOMAIN Multi Languages WebShop Online の detail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6268 2012-12-20 19:10 2009-02-25 Show GitHub Exploit DB Packet Storm
228300 7.5 危険 ultrastats - Ultrastats の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6260 2012-12-20 19:10 2009-02-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
225151 5.4 MEDIUM
Network 		bitwise-it webp_express The webp-express plugin before 0.14.8 for WordPress has stored XSS. CWE-79
Cross-site Scripting 		CVE-2019-15837 2024-11-21 13:29 2019-08-31 Show GitHub Exploit DB Packet Storm
225152 5.4 MEDIUM
Network 		bootstrapped wp_ultimate_recipe The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored XSS. CWE-79
Cross-site Scripting 		CVE-2019-15836 2024-11-21 13:29 2019-08-31 Show GitHub Exploit DB Packet Storm
225153 8.8 HIGH
Network 		wp_better_permalinks_project wp_better_permalinks The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF. CWE-352
 Origin Validation Error 		CVE-2019-15835 2024-11-21 13:29 2019-08-31 Show GitHub Exploit DB Packet Storm
225154 8.8 HIGH
Network 		webp_converter_for_media_project webp_converter_for_media The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF. CWE-352
 Origin Validation Error 		CVE-2019-15834 2024-11-21 13:29 2019-08-31 Show GitHub Exploit DB Packet Storm
225155 7.5 HIGH
Network 		mulesoft mule_runtime
api_gateway 		Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released … CWE-22
Path Traversal 		CVE-2019-15630 2024-11-21 13:29 2019-08-31 Show GitHub Exploit DB Packet Storm
225156 6.1 MEDIUM
Network 		simple_mail_address_encoder_project simple_mail_address_encoder The simple-mail-address-encoder plugin before 1.7 for WordPress has reflected XSS. CWE-79
Cross-site Scripting 		CVE-2019-15833 2024-11-21 13:29 2019-08-30 Show GitHub Exploit DB Packet Storm
225157 8.8 HIGH
Network 		wp-buy visitor_traffic_real_time_statistics The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF. CWE-352
 Origin Validation Error 		CVE-2019-15832 2024-11-21 13:29 2019-08-30 Show GitHub Exploit DB Packet Storm
225158 8.8 HIGH
Network 		wp-buy visitor_traffic_real_time_statistics The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page. CWE-352
 Origin Validation Error 		CVE-2019-15831 2024-11-21 13:29 2019-08-30 Show GitHub Exploit DB Packet Storm
225159 5.4 MEDIUM
Network 		icegram icegram_engage The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. CWE-79
Cross-site Scripting 		CVE-2019-15830 2024-11-21 13:29 2019-08-30 Show GitHub Exploit DB Packet Storm
225160 4.8 MEDIUM
Network 		greentreelabs gallery_photoblocks The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp-admin/admin.php?page=photoblocks-edit&id= XSS. CWE-79
Cross-site Scripting 		CVE-2019-15829 2024-11-21 13:29 2019-08-30 Show GitHub Exploit DB Packet Storm