Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233461	7.5	危険	speedtech	-	SpeedTech PHP Library における PHP リモートファイルインクルージョンの脆弱性	CWE-20 CWE-94	CVE-2007-4738	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

233462	7.5	危険	speedtech	-	STPHPLibrary における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4737	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

233463	10	危険	トレンドマイクロ	-	Trend Micro ServerProtect の TMReg.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4731	2012-12-20 18:33	2007-09-11	Show	GitHub Exploit DB Packet Storm

233464	5	警告	weboddity	-	Web Oddity におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4726	2012-12-20 18:33	2007-09-5	Show	GitHub Exploit DB Packet Storm

233465	7.5	危険	weblogicnet	-	Weblogicnet における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4715	2012-12-20 18:33	2007-09-5	Show	GitHub Exploit DB Packet Storm

233466	7.5	危険	yvora	-	Yvora の error_view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4714	2012-12-20 18:33	2007-09-5	Show	GitHub Exploit DB Packet Storm

233467	4.3	警告	roi revolution	-	Urchin の urchin.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4713	2012-12-20 18:33	2007-09-5	Show	GitHub Exploit DB Packet Storm

233468	4.3	警告	www.toms-seiten.at	-	Toms Gaestebuch におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4711	2012-12-20 18:33	2007-09-5	Show	GitHub Exploit DB Packet Storm

233469	7.5	危険	phpBB	-	phpBB 用の Links MOD における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4653	2012-12-20 18:33	2007-09-4	Show	GitHub Exploit DB Packet Storm

233470	6.4	警告	xgb	-	xGB の xGB.php における不特定の変更を実行される脆弱性	CWE-noinfo 情報不足	CVE-2007-4637	2012-12-20 18:33	2007-08-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314881	8.8	HIGH Network	-	-	The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the th_shop_mania_install_and_activate_callback() function in al…	CWE-862 Missing Authorization	CVE-2024-10674	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314882	8.8	HIGH Network	-	-	The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the top_store_install_and_activate_callback() function in all versio…	CWE-862 Missing Authorization	CVE-2024-10673	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314883	9.8	CRITICAL Network	-	-	The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions …	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-10627	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314884	8.8	HIGH Network	-	-	The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_uploaded_file() function in all versions up …	CWE-22 Path Traversal	CVE-2024-10626	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314885	9.8	CRITICAL Network	-	-	The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions…	CWE-22 Path Traversal	CVE-2024-10625	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314886	5.5	MEDIUM Network	-	-	The Anih - Creative Agency WordPress Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2024 due to an incomplete blacklis…	CWE-79 Cross-site Scripting	CVE-2024-9775	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314887	6.4	MEDIUM Network	-	-	The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.0 due to insufficient input sanitizat…	CWE-79 Cross-site Scripting	CVE-2024-8960	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314888	-		-	-	The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.0 via the 'ce_template' shortcode due to insufficient restriction…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-10779	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314889	4.3	MEDIUM Network	-	-	The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the info() function in all versions up to, and including, 2.2. This makes it poss…	CWE-862 Missing Authorization	CVE-2024-10588	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

314890	6.5	MEDIUM Network	-	-	The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ce21_single_sign_on_save_api_settings' function in versions up to, and…	CWE-862 Missing Authorization	CVE-2024-10294	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm