Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 3, 2026, noon
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 229351 | 7.5 | 危険 | phpkf | - | phpKF の forum_duzen.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-6443 | 2012-12-20 19:10 | 2009-03-9 | Show | GitHub Exploit DB Packet Storm |
| 229352 | 5.8 | 警告 | sina | - | Sina Inc. DLoader Class ActiveX コントロールにおける任意のファイルを上書きされる脆弱性 |
CWE-Other
その他 |
CVE-2008-6442 | 2012-12-20 19:10 | 2009-03-9 | Show | GitHub Exploit DB Packet Storm |
| 229353 | 4.3 | 警告 | phpsqlitecms | - | phpSQLiteCMS におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2008-6435 | 2012-12-20 19:10 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
| 229354 | 7.5 | 危険 | psychostats | - | PsychoStats における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-6422 | 2012-12-20 19:10 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
| 229355 | 7.5 | 危険 | socialsitegenerator | - | Social Site Generator の social_game_play.php における PHP リモートファイルインクルージョンの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2008-6421 | 2012-12-20 19:10 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
| 229356 | 5 | 警告 | socialsitegenerator | - | Social Site Generator における任意のファイルを読まれる脆弱性 |
CWE-200
情報漏えい |
CVE-2008-6420 | 2012-12-20 19:10 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
| 229357 | 7.5 | 危険 | socialsitegenerator | - | Social Site Generator における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-6419 | 2012-12-20 19:10 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
| 229358 | 7.5 | 危険 | torrenttrader | - | TorrentTrader の scrape.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2008-6418 | 2012-12-20 19:10 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
| 229359 | 10 | 危険 | Youngzsoft | - | YoungZSoft CCProxy におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2008-6415 | 2012-12-20 19:10 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
| 229360 | 7.5 | 危険 | vignette | - | Vignette Content Management における管理者権限を取得される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2008-6412 | 2012-12-20 19:10 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 3, 2026, 4:18 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 215331 | 5.4 |
MEDIUM
Network |
pickplugins | accordion | An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. The unprotected AJAX wp_ajax_accordions_ajax_import_json action allowed any authenticated user with Subscriber or higher pe… |
CWE-79
Cross-site Scripting |
CVE-2020-13644 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215332 | 8.8 |
HIGH
Network |
siteorigin | page_builder | An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of … |
CWE-352
Origin Validation Error |
CVE-2020-13643 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215333 | 8.8 |
HIGH
Network |
siteorigin | page_builder | An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The action_builder_content function did not do any nonce verification, allowing for requests to be forged o… |
CWE-352
Origin Validation Error |
CVE-2020-13642 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215334 | 8.8 |
HIGH
Network |
infolific | real-time_find_and_replace | An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The far_options_page function did not do any nonce verification, allowing for requests to be forged on beh… |
CWE-352
Origin Validation Error |
CVE-2020-13641 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215335 | 6.1 |
MEDIUM
Network |
fork-cms | fork_cms | Fork before 5.8.3 allows XSS via navigation_title or title. |
CWE-79
Cross-site Scripting |
CVE-2020-13633 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215336 | 6.1 |
MEDIUM
Network |
centreon |
centreon_host-monitoring_widget centreon_tactical-overview_widget centreon_service-monitoring_widget |
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in v… |
CWE-79
Cross-site Scripting |
CVE-2020-13628 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215337 | 6.1 |
MEDIUM
Network |
centreon |
centreon_host-monitoring_widget centreon_tactical-overview_widget centreon_service-monitoring_widget |
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in … |
CWE-79
Cross-site Scripting |
CVE-2020-13627 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215338 | 5.5 |
MEDIUM
Local |
sqlite fedoraproject canonical netapp brocade debian siemens oracle |
sqlite fedora ubuntu_linux cloud_backup solidfire\ _enterprise_sds_\&_hci_storage_node fabric_operating_system hci_compute_node_firmware debian_linux sinec_infrastructu… |
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. |
CWE-476
NULL Pointer Dereference |
CVE-2020-13632 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215339 | 5.5 |
MEDIUM
Local |
sqlite fedoraproject canonical netapp brocade siemens apple oracle |
sqlite fedora ubuntu_linux cloud_backup solidfire\ _enterprise_sds_\&_hci_storage_node fabric_operating_system hci_compute_node_firmware sinec_infrastructure_network_servi… |
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. |
NVD-CWE-noinfo
|
CVE-2020-13631 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215340 | 7.0 |
HIGH
Local |
sqlite fedoraproject canonical netapp brocade debian siemens apple oracle |
sqlite fedora ubuntu_linux cloud_backup solidfire\ _enterprise_sds_\&_hci_storage_node fabric_operating_system hci_compute_node_firmware debian_linux sinec_infrastructu… |
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. |
CWE-416
Use After Free |
CVE-2020-13630 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |