Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231211	10	危険	pie	-	Pie における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-5332	2012-12-20 18:52	2008-12-4	Show	GitHub Exploit DB Packet Storm

231212	7.5	危険	xoops hocasi	-	XOOPS 用の GesGaleri モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5321	2012-12-20 18:52	2008-12-3	Show	GitHub Exploit DB Packet Storm

231213	5	警告	Tiki Software Community Association	-	Tikiwiki における脆弱性	CWE-noinfo 情報不足	CVE-2008-5319	2012-12-20 18:52	2008-10-17	Show	GitHub Exploit DB Packet Storm

231214	5	警告	Tiki Software Community Association	-	Tikiwiki における脆弱性	CWE-noinfo 情報不足	CVE-2008-5318	2012-12-20 18:52	2008-10-17	Show	GitHub Exploit DB Packet Storm

231215	7.5	危険	pilotgroup	-	PG Roommate Finder Solution の admin/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5307	2012-12-20 18:52	2008-12-2	Show	GitHub Exploit DB Packet Storm

231216	7.5	危険	pilotgroup	-	PG Real Estate Solution の admin/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5306	2012-12-20 18:52	2008-12-2	Show	GitHub Exploit DB Packet Storm

231217	10	危険	TWiki	-	TWiki における任意の Perl コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-5305	2012-12-20 18:52	2008-11-21	Show	GitHub Exploit DB Packet Storm

231218	4.3	警告	TWiki	-	TWiki におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5304	2012-12-20 18:52	2008-11-18	Show	GitHub Exploit DB Packet Storm

231219	7.6	危険	vitalwerks	-	No-IP DUC におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5297	2012-12-20 18:52	2008-12-1	Show	GitHub Exploit DB Packet Storm

231220	7.5	危険	videogirls	-	VideoGirls BiZ の view_snaps.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5292	2012-12-20 18:52	2008-12-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196911	8.8	HIGH Network	feataholic	maz_loader	The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor t…	-	CVE-2021-24669	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196912	9.0	CRITICAL Network	tipsandtricks-hq	simple_download_monitor	The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it in some pages, which could allow users with a role as low as Contributor …	-	CVE-2021-24693	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196913	4.8	MEDIUM Network	igexsolutions	wpschoolpress	The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_field() but does not escape them before outputting in attributes, resulting in Sto…	-	CVE-2021-24664	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196914	8.1	HIGH Network	genetechsolutions	pie_register	The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing…	-	CVE-2021-24647	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196915	4.8	MEDIUM Network	bookingholdings	booking.com_banner_creator	The Booking.com Banner Creator WordPress plugin before 1.4.3 does not properly sanitize inputs when creating banners, which could allow high privilege users to perform Cross-Site Scripting attacks ev…	-	CVE-2021-24646	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196916	4.8	MEDIUM Network	bookingholdings	booking.com_product_helper	The Booking.com Product Helper WordPress plugin before 1.0.2 does not sanitize and escape Product Code when creating Product Shortcode, which could allow high privilege users to perform Cross-Site Sc…	-	CVE-2021-24645	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196917	8.8	HIGH Network	unlimited_popups_project	unlimited_popups	The Unlimited PopUps WordPress plugin through 4.5.3 does not sanitise or escape the did GET parameter before using it in a SQL statement, available to users as low as editor, leading to an authentica…	-	CVE-2021-24631	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196918	8.8	HIGH Network	schreikasten_project	schreikasten	The Schreikasten WordPress plugin through 0.14.18 does not sanitise or escape the id GET parameter before using it in SQL statements in the comments dashboard from various actions, leading to authent…	-	CVE-2021-24630	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196919	7.2	HIGH Network	post_content_xmlrpc_project	post_content_xmlrpc	The Post Content XMLRPC WordPress plugin through 1.0 does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated S…	-	CVE-2021-24629	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196920	7.2	HIGH Network	wow-company	wow_forms	The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authentic…	CWE-89 SQL Injection	CVE-2021-24628	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm