Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248071	7.5	危険	getmiro	-	Broadcast Machine における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-6287	2012-06-26 16:10	2009-02-25	Show	GitHub Exploit DB Packet Storm

248072	7.5	危険	Activewebsoftwares	-	Active Newsletter の SubscriberStart.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6286	2012-06-26 16:10	2009-02-25	Show	GitHub Exploit DB Packet Storm

248073	7.5	危険	businessvein	-	PHP TV Portal の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6285	2012-06-26 16:10	2009-02-25	Show	GitHub Exploit DB Packet Storm

248074	7.5	危険	1scripts	-	Z1Exchange の edit.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6284	2012-06-26 16:10	2009-02-25	Show	GitHub Exploit DB Packet Storm

248075	7.5	危険	bluocms	-	Bluo CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6281	2012-06-26 16:10	2009-02-25	Show	GitHub Exploit DB Packet Storm

248076	7.5	危険	appstate	-	Appalachian State University phpWebSite の links.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6266	2012-06-26 16:10	2009-02-25	Show	GitHub Exploit DB Packet Storm

248077	6.8	警告	cyberfolio	-	Cyberfolio の portfolio/css.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6265	2012-06-26 16:10	2009-02-24	Show	GitHub Exploit DB Packet Storm

248078	7.5	危険	e-topbiz	-	E-topbiz Slide Popups の admin/admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6264	2012-06-26 16:10	2009-02-24	Show	GitHub Exploit DB Packet Storm

248079	7.5	危険	e-topbiz	-	E-topbiz AdManager の view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6261	2012-06-26 16:10	2009-02-24	Show	GitHub Exploit DB Packet Storm

248080	6.8	警告	comdev	-	Comdev Web Blogger における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6250	2012-06-26 16:10	2009-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200511	4.3	MEDIUM Network	mozilla	thunderbird	Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user I…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2021-23992	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

200512	6.8	MEDIUM Network	mozilla	thunderbird	If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an em…	NVD-CWE-Other	CVE-2021-23991	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

200513	5.4	MEDIUM Network	codecabin	wp_go_maps	The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site S…	CWE-79 Cross-site Scripting	CVE-2021-24383	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

200514	5.3	MEDIUM Network	wphappycoders	comments_like_dislike	The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user…	-	CVE-2021-24379	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

200515	4.8	MEDIUM Network	autoptimize	autoptimize	The Autoptimize WordPress plugin before 2.7.8 does not check for malicious files such as .html in the archive uploaded via the 'Import Settings' feature. As a result, it is possible for a high privil…	-	CVE-2021-24378	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

200516	8.1	HIGH Network	autoptimize	autoptimize	The Autoptimize WordPress plugin before 2.7.8 attempts to remove potential malicious files from the extracted archive uploaded via the 'Import Settings' feature, however this is not sufficient to pro…	-	CVE-2021-24377	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

200517	9.8	CRITICAL Network	autoptimize	autoptimize	The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the "Import Settings" feature, after its extraction. However, the extract…	-	CVE-2021-24376	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

200518	5.3	MEDIUM Network	automattic	jetpack	The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a "carousel" type image gallery and allows users to comment on the images. A security vulnerability was f…	-	CVE-2021-24374	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

200519	6.1	MEDIUM Network	getastra	wp_hardening	The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a reflect…	-	CVE-2021-24373	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm

200520	6.1	MEDIUM Network	getastra	wp_hardening	The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER['REQUEST_URI'] before outputting it in an attribute, leading to a reflected Cross-…	CWE-79 Cross-site Scripting	CVE-2021-24372	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm