Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230481 4.3 警告 phpPgAdmin - phpPgAdmin の libraries/lib.inc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5587 2012-12-20 18:52 2008-12-16 Show GitHub Exploit DB Packet Storm
230482 4.3 警告 ProjectPier - ProjectPier におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5584 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
230483 6.8 警告 ProjectPier - ProjectPier の index.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-5583 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
230484 7.5 危険 scssboard - sCssBoard の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5578 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
230485 7.5 危険 scssboard - sCssBoard の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5577 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
230486 7.5 危険 scssboard - sCssBoard の admin/forums.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-5576 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
230487 7.5 危険 proclanmanager - Pro Clan Manager におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2008-5575 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
230488 7.5 危険 unscripts - Webmaster Marketplace の member.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5574 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
230489 4.3 警告 phpeppershop - PHPepperShop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5569 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
230490 4.3 警告 php multiple newsletters - Triangle Solutions PHP Multiple Newsletters の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5566 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195981 6.1 MEDIUM
Network 		marmoset marmoset_viewer The Marmoset Viewer WordPress plugin before 1.9.3 does not property sanitize, validate or escape the 'id' parameter before outputting back in the page, leading to a reflected Cross-Site Scripting iss… - CVE-2021-24495 2024-11-21 14:53 2021-08-9 Show GitHub Exploit DB Packet Storm
195982 6.5 MEDIUM
Network 		leaflet_map_project leaflet_map The Leaflet Map WordPress plugin before 3.0.0 does not verify the CSRF nonce when saving its settings, which allows attackers to make a logged in admin update the settings via a Cross-Site Request Fo… - CVE-2021-24467 2024-11-21 14:53 2021-08-9 Show GitHub Exploit DB Packet Storm
195983 6.1 MEDIUM
Network 		wplearnmanager wp_learn_manager The WP LMS – Best WordPress LMS Plugin WordPress plugin through 1.1.2 does not properly sanitise or validate its User Field Titles, allowing XSS payload to be used in them. Furthermore, no CSRF and c… - CVE-2021-24504 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195984 5.4 MEDIUM
Network 		thememason popular_brand_icons_-_simple_icons The Popular Brand Icons – Simple Icons WordPress plugin before 2.7.8 does not sanitise or validate some of its shortcode parameters, such as "color", "size" or "class", allowing users with a role as … - CVE-2021-24503 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195985 6.1 MEDIUM
Network 		dwbooster calendar_event_multi_view The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a refle… - CVE-2021-24498 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195986 6.1 MEDIUM
Network 		community_events_project community_events The Community Events WordPress plugin before 1.4.8 does not sanitise, validate or escape its importrowscount and successimportcount GET parameters before outputting them back in an admin page, leadin… - CVE-2021-24496 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195987 8.8 HIGH
Network 		handsome_testimonials_\&_reviews_project handsome_testimonials_\&_reviews The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hnd… CWE-89
SQL Injection 		CVE-2021-24492 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195988 6.1 MEDIUM
Network 		pickplugins post_grid The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross… - CVE-2021-24488 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195989 7.2 HIGH
Network 		ays-pro secure_copy_content_protection_and_content_locking The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL state… - CVE-2021-24484 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195990 7.2 HIGH
Network 		ays-pro poll_maker The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL state… - CVE-2021-24483 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm