Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248011 5 警告 ELOG - ELOG の elogd の replace_inline_img 関数 におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2008-0445 2012-06-26 15:55 2008-01-24 Show GitHub Exploit DB Packet Storm
248012 4.3 警告 ELOG - ELOG におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0444 2012-06-26 15:55 2008-01-24 Show GitHub Exploit DB Packet Storm
248013 5 警告 AlstraSoft - AlstraSoft Forum Pay Per Post Exchange におけるユーザアカウントへアクセスされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-0440 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
248014 4.3 警告 deluxebb - DeluxeBB におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0439 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
248015 9.3 危険 Gecad Technologies - AXIGEN Mail Server の AXIMilter モジュールにおけるフォーマットストリングの脆弱性 CWE-189
数値処理の問題 		CVE-2008-0434 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
248016 7.5 危険 agaresmedia - Agares phpAutoVideo の theme/phpAutoVideo/LightTwoOh/sidebar.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0433 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
248017 4.3 警告 agaresmedia - phpAutoVideo の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0432 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
248018 7.5 危険 360 web manager - 360 Web Manager の form.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0430 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
248019 7.5 危険 AlstraSoft - AlstraSoft Forum Pay Per Post Exchange の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0429 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
248020 7.5 危険 bloofox - bloofoxCMS の system/class_permissions.php の login 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0428 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197911 6.1 MEDIUM
Network 		boldgrid w3_total_cache The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track… - CVE-2021-24452 2024-11-21 14:53 2021-07-19 Show GitHub Exploit DB Packet Storm
197912 6.1 MEDIUM
Network 		yop-poll yop_poll In the YOP Poll WordPress plugin before 6.2.8, when a pool is created with the options "Allow other answers", "Display other answers in the result list" and "Show results", it can lead to Stored Cros… - CVE-2021-24454 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
197913 9.8 CRITICAL
Network 		wpdevart poll\
_survey\
_questionnaire_and_voting_system 		The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending … - CVE-2021-24442 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
197914 8.0 HIGH
Network 		fetchdesigns sign-up_sheets The Sign-up Sheets WordPress plugin before 1.0.14 does not not sanitise or validate the Sheet title when generating the CSV to export, which could lead to a CSV injection issue - CVE-2021-24441 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
197915 4.8 MEDIUM
Network 		fetchdesigns sign-up_sheets The Sign-up Sheets WordPress plugin before 1.0.14 did not sanitise or escape some of its fields when creating a new sheet, allowing high privilege users to add JavaScript in them, leading to a Stored… - CVE-2021-24440 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
197916 5.4 MEDIUM
Network 		prothemedesign browser_screenshots The Browser Screenshots WordPress plugin before 1.7.6 allowed authenticated users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks as the image_class parameter of the … - CVE-2021-24439 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
197917 6.1 MEDIUM
Network 		codeblab glass The Glass WordPress plugin through 1.3.2 does not sanitise or escape its "Glass Pages" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin did… CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting 		CVE-2021-24434 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
197918 6.1 MEDIUM
Network 		salonbookingsystem salon_booking_system The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set J… - CVE-2021-24429 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
197919 4.8 MEDIUM
Network 		boldgrid w3_total_cache The W3 Total Cache WordPress plugin before 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leadin… CWE-79
Cross-site Scripting 		CVE-2021-24427 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
197920 4.8 MEDIUM
Network 		web-dorado backup-wd The Backup by 10Web – Backup and Restore Plugin WordPress plugin through 1.0.20 does not sanitise or escape the tab parameter before outputting it back in the page, leading to a reflected Cross-Site … - CVE-2021-24426 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm