Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230331	7.5	危険	phpautos	-	PHP Autos の searchresults.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4498	2012-12-20 18:52	2008-10-8	Show	GitHub Exploit DB Packet Storm

230332	7.5	危険	select development solutions	-	PHP Realtor の view_cat.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4496	2012-12-20 18:52	2008-10-8	Show	GitHub Exploit DB Packet Storm

230333	7.5	危険	select development solutions	-	PHP Auto Dealer の view_cat.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4495	2012-12-20 18:52	2008-10-8	Show	GitHub Exploit DB Packet Storm

230334	7.5	危険	torrenttrader	-	TorrentTrader Classic の completed-advance.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4494	2012-12-20 18:52	2008-10-8	Show	GitHub Exploit DB Packet Storm

230335	7.5	危険	yourownbux	-	YourOwnBux の referrals.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4492	2012-12-20 18:52	2008-10-8	Show	GitHub Exploit DB Packet Storm

230336	10	危険	yerba	-	Yerba で使用される SACphp の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4486	2012-12-20 18:52	2008-10-7	Show	GitHub Exploit DB Packet Storm

230337	6.9	警告	Sympa	-	sympa の sympa.pl における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-4476	2012-12-20 18:52	2008-10-7	Show	GitHub Exploit DB Packet Storm

230338	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Freelance Zone の view_cresume.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4469	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

230339	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Share Zone の view_news.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4468	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

230340	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Toner Cart の show_series_ink.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4467	2012-12-20 18:52	2008-10-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196001	5.4	MEDIUM Network	codecabin	wp_go_maps	The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site S…	CWE-79 Cross-site Scripting	CVE-2021-24383	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196002	5.3	MEDIUM Network	wphappycoders	comments_like_dislike	The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user…	-	CVE-2021-24379	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196003	4.8	MEDIUM Network	autoptimize	autoptimize	The Autoptimize WordPress plugin before 2.7.8 does not check for malicious files such as .html in the archive uploaded via the 'Import Settings' feature. As a result, it is possible for a high privil…	-	CVE-2021-24378	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196004	8.1	HIGH Network	autoptimize	autoptimize	The Autoptimize WordPress plugin before 2.7.8 attempts to remove potential malicious files from the extracted archive uploaded via the 'Import Settings' feature, however this is not sufficient to pro…	-	CVE-2021-24377	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196005	9.8	CRITICAL Network	autoptimize	autoptimize	The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the "Import Settings" feature, after its extraction. However, the extract…	-	CVE-2021-24376	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196006	5.3	MEDIUM Network	automattic	jetpack	The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a "carousel" type image gallery and allows users to comment on the images. A security vulnerability was f…	-	CVE-2021-24374	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196007	6.1	MEDIUM Network	getastra	wp_hardening	The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a reflect…	-	CVE-2021-24373	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196008	6.1	MEDIUM Network	getastra	wp_hardening	The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER['REQUEST_URI'] before outputting it in an attribute, leading to a reflected Cross-…	CWE-79 Cross-site Scripting	CVE-2021-24372	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196009	9.8	CRITICAL Network	radykal	fancy_product_designer	The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution.	-	CVE-2021-24370	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

196010	5.4	MEDIUM Network	ayecode	getpaid	In the GetPaid WordPress plugin before 2.3.4, users with the contributor role and above can create a new Payment Form, however the Label and Help Text input fields were not getting sanitized properly…	-	CVE-2021-24369	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm