Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248951	9.3	危険	FileZilla	-	FileZilla におけるフォーマットストリングの脆弱性	-	CVE-2007-2318	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248952	6.8	警告	crea-book	-	Crea-Book における SQL インジェクションの脆弱性	-	CVE-2007-2314	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248953	4.3	警告	bloofox	-	BloofoxCMS の plugins/spaw/img_popup.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2310	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248954	4.3	警告	flowers	-	FloweRS の cas.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2309	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248955	4.3	警告	flowers	-	FloweRS の cas.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2308	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248956	7.5	危険	expow	-	Expow の autoindex.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2302	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248957	7.5	危険	arash	-	audioCMS arash における任意の PHP コードが実行される脆弱性	-	CVE-2007-2301	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248958	7.5	危険	frogss	-	Frogss CMS における SQL インジェクションの脆弱性	-	CVE-2007-2299	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248959	7.5	危険	GForge Group	-	Garennes における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2298	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

248960	7.8	危険	Digium	-	Asterisk のSIP チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2297	2012-06-26 15:46	2007-04-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196581	6.1	MEDIUM Network	ideabox	powerpack_addons_for_elementor	The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site …	CWE-79 Cross-site Scripting	CVE-2021-25027	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196582	7.2	HIGH Network	optimocha	speed_booster_pack	The Speed Booster Pack ? PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbp_convert_table_name parameter before using it in a SQL statement to convert the related ta…	CWE-89 SQL Injection	CVE-2021-25023	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196583	6.1	MEDIUM Network	updraftplus	updraftplus	The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameter before outputting then back in admin pages, leading to R…	CWE-79 Cross-site Scripting	CVE-2021-25022	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196584	4.9	MEDIUM Network	ffw	optimize_my_google_fonts	The OMGF \| Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary fo…	CWE-22 Path Traversal	CVE-2021-25021	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196585	4.9	MEDIUM Network	daan	complete_analytics_optimization_suite	The CAOS \| Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary…	CWE-22 Path Traversal	CVE-2021-25020	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196586	6.1	MEDIUM Network	premio	chaty_pro chaty	The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin before 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Refl…	CWE-79 Cross-site Scripting	CVE-2021-25016	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196587	6.1	MEDIUM Network	booster	booster_for_woocommerce	The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_create_products_xml_result parameter before outputting back in the admin dashboard when the Product XML …	CWE-79 Cross-site Scripting	CVE-2021-25001	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196588	6.1	MEDIUM Network	booster	booster_for_woocommerce	The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, …	CWE-79 Cross-site Scripting	CVE-2021-25000	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196589	6.1	MEDIUM Network	booster	booster_for_woocommerce	The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_notice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enabl…	CWE-79 Cross-site Scripting	CVE-2021-24999	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm

196590	4.8	MEDIUM Network	wpovernight	woocommerce_pdf_invoices\&_packing_slips	The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site…	CWE-79 Cross-site Scripting	CVE-2021-24991	2024-11-21 14:54	2022-01-3	Show	GitHub Exploit DB Packet Storm