Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246881 7.5 危険 Blue River - Blue River Interactive Group Sava CMS の index.cfm における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6434 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246882 4.3 警告 Blue River - Blue River Interactive Group Sava CMS の index.cfm におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6433 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246883 4.3 警告 bmforum - BMForum におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6431 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246884 7.5 危険 comicshout - ComicShout の news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6425 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246885 5 警告 greensql - GreenSQL-Console における"インストールディレクトリ" を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6417 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246886 4.3 警告 greensql - GreenSQL-Console におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6416 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246887 7.5 危険 aj square - AJ Auction Pro Platinum Skin の detail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6414 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246888 7.5 危険 explay - Explay CMS における認証を回避され管理アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-6411 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246889 7.5 危険 fr.simon rundell
TYPO3 Association		 - TYPO3 の pd_churchsearch 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6463 2012-06-26 16:10 2008-07-9 Show GitHub Exploit DB Packet Storm
246890 7.5 危険 fr.simon rundell
TYPO3 Association		 - TYPO3 の ste_prayer2 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6461 2012-06-26 16:10 2008-07-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314301 - - - A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbit… - CVE-2024-50837 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
314302 7.5 HIGH
Network 		- - A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions. CWE-20
 Improper Input Validation  		CVE-2022-2232 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
314303 - - - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2. Thi… CWE-708
 Incorrect Ownership Assignment 		CVE-2024-9633 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
314304 - - - A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /login… - CVE-2024-50843 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
314305 - - - A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbi… - CVE-2024-50842 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
314306 - - - A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execu… - CVE-2024-50841 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
314307 - - - A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary … - CVE-2024-50840 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
314308 - - - A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbi… - CVE-2024-50839 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
314309 - - - Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to byp… CWE-22
Path Traversal 		CVE-2024-11215 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
314310 8.8 HIGH
Network 		- - The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.9.107 via deserialization of untrusted input in the 'replac… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-10962 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm