Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228731 4.3 警告 radactive - RADactive I-Load の WebCoreModule.ashx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3450 2012-12-20 19:28 2009-09-29 Show GitHub Exploit DB Packet Storm
228732 6.8 警告 radactive - RADactive I-Load における任意のコードを実行される脆弱性 CWE-362
競合状態 		CVE-2009-3447 2012-12-20 19:28 2009-09-29 Show GitHub Exploit DB Packet Storm
228733 7.5 危険 rick estrada - Joomla! 用の MyRemote Video Gallery コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3446 2012-12-20 19:28 2009-09-28 Show GitHub Exploit DB Packet Storm
228734 7.5 危険 witchakorn kamolpornwijit - Joomla! 用の facebook コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3438 2012-12-20 19:28 2009-09-28 Show GitHub Exploit DB Packet Storm
228735 7.2 危険 サン・マイクロシステムズ - Sun Solaris Cluster の configuration utility における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3433 2012-12-20 19:28 2009-09-22 Show GitHub Exploit DB Packet Storm
228736 9.3 危険 pirateradio - Pirate Radio Destiny Media Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3429 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
228737 6.8 警告 zenas - Zenas PaoLink の login.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-3423 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
228738 6.8 警告 zenas - Zenas PaoLiber の login.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-3422 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
228739 6.8 警告 zenas - Zenas PaoBacheca Guestbook の login.php における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3421 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
228740 6.5 警告 Plume CMS - Plume CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3418 2012-12-20 19:28 2009-09-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194641 4.8 MEDIUM
Network 		qwizcards_project qwizcards The Qwizcards – online quizzes and flashcards WordPress plugin before 3.62 does not properly sanitize and escape some of its settings, allowing high privilege users to perform Cross-Site Scripting at… - CVE-2021-24706 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194642 4.8 MEDIUM
Network 		quiz_tool_lite_project quiz_tool_lite The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perfor… - CVE-2021-24701 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194643 4.3 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the dow… NVD-CWE-noinfo
CVE-2021-24698 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194644 6.1 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1) sdm_active_tab GET parameter and 2) sdm_stats_start_date/sdm_stats_end_date POST parameters before outputting them bac… - CVE-2021-24697 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194645 7.5 HIGH
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to down… - CVE-2021-24695 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194646 6.5 MEDIUM
Network 		genie_wp_favicon_project genie_wp_favicon The Genie WP Favicon WordPress plugin through 0.5.2 does not have CSRF in place when updating the favicon, which could allow attackers to make a logged in admin change it via a CSRF attack CWE-352
 Origin Validation Error 		CVE-2021-24674 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194647 8.8 HIGH
Network 		feataholic maz_loader The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor t… - CVE-2021-24669 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194648 9.0 CRITICAL
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it in some pages, which could allow users with a role as low as Contributor … - CVE-2021-24693 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194649 4.8 MEDIUM
Network 		igexsolutions wpschoolpress The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_field() but does not escape them before outputting in attributes, resulting in Sto… - CVE-2021-24664 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
194650 8.1 HIGH
Network 		genetechsolutions pie_register The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing… - CVE-2021-24647 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm