Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228581	7.5	危険	TYPO3 Association	-	TYPO3 用の Webesse E-Card エクステンションにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4740	2012-12-20 19:28	2010-03-26	Show	GitHub Exploit DB Packet Storm

228582	6.8	警告	skadate	-	SkaDate Dating の index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4739	2012-12-20 19:28	2010-03-26	Show	GitHub Exploit DB Packet Storm

228583	4.3	警告	sensesites	-	CommonSense CMS の search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4736	2012-12-20 19:28	2010-03-23	Show	GitHub Exploit DB Packet Storm

228584	6.8	警告	supercrackmunkey	-	SimpleLoginSys の checkuser.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4733	2012-12-20 19:28	2010-03-18	Show	GitHub Exploit DB Packet Storm

228585	6.8	警告	technotoad	-	TT Web Site Manager の tt/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4732	2012-12-20 19:28	2010-03-18	Show	GitHub Exploit DB Packet Storm

228586	7.5	危険	x10media	-	x10 Adult Media Script の report.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4730	2012-12-20 19:28	2010-03-18	Show	GitHub Exploit DB Packet Storm

228587	4.3	警告	x10media	-	x10 Adult Media Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4729	2012-12-20 19:28	2010-03-18	Show	GitHub Exploit DB Packet Storm

228588	7.5	危険	questions answered	-	Questions Answered の管理インターフェースにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4728	2012-12-20 19:28	2010-03-18	Show	GitHub Exploit DB Packet Storm

228589	4.3	警告	phpscriptsnow	-	Real Time Currency Exchange の rates.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4715	2012-12-20 19:28	2010-03-15	Show	GitHub Exploit DB Packet Storm

228590	7.5	危険	tukanas	-	Tukanas Classifieds Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4712	2012-12-20 19:28	2010-03-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194551	6.1	MEDIUM Network	ays-pro	survey_maker	Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions <= 2.0.6).	CWE-79 Cross-site Scripting	CVE-2021-26256	2024-11-21 14:55	2022-02-22	Show	GitHub Exploit DB Packet Storm

194552	9.8	CRITICAL Network	if-me	ifme	In Ifme, versions 1.0.0 to v.7.33.2 don’t properly invalidate a user’s session even after the user initiated logout. It makes it possible for an attacker to reuse the admin cookies either via local/n…	-	CVE-2021-25992	2024-11-21 14:55	2022-02-10	Show	GitHub Exploit DB Packet Storm

194553	2.7	LOW Network	arangodb	arangodb	In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests pe…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-25939	2024-11-21 14:55	2022-02-9	Show	GitHub Exploit DB Packet Storm

194554	6.1	MEDIUM Network	cacti	cacti	As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL paramete…	CWE-79 Cross-site Scripting	CVE-2021-26247	2024-11-21 14:55	2022-01-20	Show	GitHub Exploit DB Packet Storm

194555	3.0	LOW Network	kubernetes	kubernetes	kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as…	NVD-CWE-Other	CVE-2021-25743	2024-11-21 14:55	2022-01-7	Show	GitHub Exploit DB Packet Storm

194556	8.8	HIGH Network	userfrosting	userfrosting	In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. By luring a victim application user to click on a link, an unauthenticated attacker can use the “forgot password” f…	CWE-74 Injection	CVE-2021-25994	2024-11-21 14:55	2022-01-3	Show	GitHub Exploit DB Packet Storm

194557	9.8	CRITICAL Network	talkyard	talkyard	In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the …	CWE-613 Insufficient Session Expiration	CVE-2021-25981	2024-11-21 14:55	2022-01-3	Show	GitHub Exploit DB Packet Storm

194558	5.4	MEDIUM Network	requarks	wiki.js	In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged (editor) user can upload a SVG file that contains malicious JavaScript while u…	CWE-79 Cross-site Scripting	CVE-2021-25993	2024-11-21 14:55	2021-12-30	Show	GitHub Exploit DB Packet Storm

194559	7.3	HIGH Network	if-me	ifme	In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete …	NVD-CWE-Other	CVE-2021-25991	2024-11-21 14:55	2021-12-29	Show	GitHub Exploit DB Packet Storm

194560	5.4	MEDIUM Network	if-me	ifme	In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe.	CWE-79 Cross-site Scripting	CVE-2021-25990	2024-11-21 14:55	2021-12-29	Show	GitHub Exploit DB Packet Storm