Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230401	7.8	危険	サン・マイクロシステムズ	-	SunMC の PRM モジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2008-4117	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

230402	5	警告	talkback	-	TalkBack における設定情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-4115	2012-12-20 18:52	2008-09-16	Show	GitHub Exploit DB Packet Storm

230403	7.2	危険	Python Software Foundation	-	Python の Tools/faqwiz/move-faqwiz.sh における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-4108	2012-12-20 18:52	2008-09-18	Show	GitHub Exploit DB Packet Storm

230404	5.1	警告	WordPress.org	-	WordPress におけるユーザパスワードを任意の値に変更される脆弱性	CWE-20 不適切な入力確認	CVE-2008-4106	2012-12-20 18:52	2008-09-8	Show	GitHub Exploit DB Packet Storm

230405	8.5	危険	The phpMyAdmin Project	-	phpMyAdmin の libraries/database_interface.lib.php における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-4096	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

230406	7.5	危険	Ruby on Rails project	-	Ruby on Rails における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4094	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

230407	6.8	警告	yourownbux	-	YourOwnBux の memberstats.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4093	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

230408	6.8	警告	source workshop	-	Web Directory Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4091	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

230409	7.5	危険	source workshop	-	Reciprocal Links Manager の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4086	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

230410	4.4	警告	stephenjungels	-	Plait の plaiter における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-4085	2012-12-20 18:52	2008-09-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195971	6.1	MEDIUM Network	community_events_project	community_events	The Community Events WordPress plugin before 1.4.8 does not sanitise, validate or escape its importrowscount and successimportcount GET parameters before outputting them back in an admin page, leadin…	-	CVE-2021-24496	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195972	8.8	HIGH Network	handsome_testimonials_\&_reviews_project	handsome_testimonials_\&_reviews	The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hnd…	CWE-89 SQL Injection	CVE-2021-24492	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195973	6.1	MEDIUM Network	pickplugins	post_grid	The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross…	-	CVE-2021-24488	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195974	7.2	HIGH Network	ays-pro	secure_copy_content_protection_and_content_locking	The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL state…	-	CVE-2021-24484	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195975	7.2	HIGH Network	ays-pro	poll_maker	The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL state…	-	CVE-2021-24483	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195976	4.8	MEDIUM Network	any_hostname_project	any_hostname	The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS paylo…	-	CVE-2021-24481	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195977	4.8	MEDIUM Network	event_geek_project	event_geek	The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated (admin+) stored Cross-Site Scriptin…	-	CVE-2021-24480	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195978	4.8	MEDIUM Network	drawblog_project	drawblog	The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue	-	CVE-2021-24479	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195979	5.4	MEDIUM Network	bookshelf_project	bookshelf	The Bookshelf WordPress plugin through 2.0.4 does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting i…	CWE-79 Cross-site Scripting	CVE-2021-24478	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195980	6.1	MEDIUM Network	migrate_users_project	migrate_users	The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin …	-	CVE-2021-24477	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm