Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229601	7.5	危険	Ruby on Rails project	-	Ruby on Rails における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4094	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

229602	6.8	警告	yourownbux	-	YourOwnBux の memberstats.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4093	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229603	6.8	警告	source workshop	-	Web Directory Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4091	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229604	7.5	危険	source workshop	-	Reciprocal Links Manager の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4086	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229605	4.4	警告	stephenjungels	-	Plait の plaiter における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-4085	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229606	7.5	危険	stash	-	Stash の admin/login.php における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-4081	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229607	6.8	警告	stash	-	Stash における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4080	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229608	7.5	危険	zanfi solutions	-	Zanfi Autodealers CMS AutOnline の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4074	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229609	7.5	危険	zanfi solutions	-	Zanfi Autodealers CMS AutOnline の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4073	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

229610	7.5	危険	phsdev	-	phsBlog の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4072	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311801	-		-	-	Validate.js provides a declarative way of validating javascript objects. All versions as of 30 November 2020 contain one or more regular expressions that are vulnerable to Regular Expression Denial o…	CWE-1333 Inefficient Regular Expression Complexity	CVE-2020-26310	2024-10-28 22:58	2024-10-27	Show	GitHub Exploit DB Packet Storm

311802	-		-	-	Validate.js provides a declarative way of validating javascript objects. Versions 0.11.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service …	CWE-1333 Inefficient Regular Expression Complexity	CVE-2020-26309	2024-10-28 22:58	2024-10-27	Show	GitHub Exploit DB Packet Storm

311803	-		-	-	Validate.js provides a declarative way of validating javascript objects. Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service …	CWE-1333 Inefficient Regular Expression Complexity	CVE-2020-26308	2024-10-28 22:58	2024-10-27	Show	GitHub Exploit DB Packet Storm

311804	-		-	-	HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of S…	CWE-1333 Inefficient Regular Expression Complexity	CVE-2020-26307	2024-10-28 22:58	2024-10-27	Show	GitHub Exploit DB Packet Storm

311805	-		-	-	Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerabl…	CWE-1333 Inefficient Regular Expression Complexity	CVE-2020-26306	2024-10-28 22:58	2024-10-27	Show	GitHub Exploit DB Packet Storm

311806	9.8	CRITICAL Network	-	-	The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.0.7. This is due to insufficient verification on th…	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2024-9501	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

311807	7.5	HIGH Network	-	-	The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to…	CWE-862 Missing Authorization	CVE-2024-10402	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

311808	6.4	MEDIUM Network	-	-	The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcf_donate shortcode in all versions up to, and including, 2.1.11 due to insufficient input san…	CWE-79 Cross-site Scripting	CVE-2024-10117	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

311809	7.3	HIGH Network	-	-	The The Uix Shortcodes – Compatible with Gutenberg plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.9.9. This is due to the software allowin…	-	CVE-2024-9772	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

311810	6.4	MEDIUM Network	-	-	The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1 due to insufficient input sanitization and o…	-	CVE-2024-9116	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm