Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 12:07 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249181 7.5 危険 cityforfree - CityForFree indexcity の list.php における SQL インジェクションの脆弱性 - CVE-2006-4323 2012-06-26 15:37 2006-08-23 Show GitHub Exploit DB Packet Storm
249182 7.5 危険 bits-dont-bite - Mambo 用の EstateAgent コンポーネントの estateagent.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4322 2012-06-26 15:37 2006-08-23 Show GitHub Exploit DB Packet Storm
249183 7.5 危険 Coppermine Photo Gallery - Mambo の cpg コンポーネント の cpg.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4321 2012-06-26 15:37 2006-08-23 Show GitHub Exploit DB Packet Storm
249184 5 警告 シスコシステムズ - Cisco VPN 3000 シリーズコンセントレータにおけるファイルを変更するための CWD コマンドなどを実行される脆弱性 - CVE-2006-4313 2012-06-26 15:37 2006-08-23 Show GitHub Exploit DB Packet Storm
249185 10 危険 ak-systems - AK-Systems Windows Terminal ExVLP の VNC サーバにおける RDP または Citrix のセッションを表示される脆弱性 - CVE-2006-4309 2012-06-26 15:37 2006-08-23 Show GitHub Exploit DB Packet Storm
249186 4.3 警告 Blackboard, Inc. - 複数の Blackboard 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-4308 2012-06-26 15:37 2006-08-23 Show GitHub Exploit DB Packet Storm
249187 10 危険 OpenBSD
FreeBSD
NetBSD		 - FreeBSD の sppp ドライバにおけるバッファオーバーフローの脆弱性 - CVE-2006-4304 2012-06-26 15:37 2006-08-23 Show GitHub Exploit DB Packet Storm
249188 7.5 危険 8pixel - SimpleBlog の comments.asp における SQL インジェクションの脆弱性 - CVE-2006-4300 2012-06-26 15:37 2006-08-22 Show GitHub Exploit DB Packet Storm
249189 4.3 警告 cPanel - cPanel 10 におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4293 2012-06-26 15:37 2006-08-22 Show GitHub Exploit DB Packet Storm
249190 7.5 危険 fscripts - Fantastic News の news.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-4285 2012-06-26 15:37 2006-08-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196321 6.5 MEDIUM
Network 		themeum tutor_lms The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection th… CWE-89
SQL Injection 		CVE-2021-24186 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196322 5.4 MEDIUM
Network 		elementor website_builder In the Elementor Website Builder WordPress plugin before 3.1.4, the image box widget (includes/widgets/image-box.php) accepts a ‘title_size’ parameter. Although the element control lists a fixed set … CWE-79
Cross-site Scripting 		CVE-2021-24206 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196323 5.4 MEDIUM
Network 		elementor website_builder In the Elementor Website Builder WordPress plugin before 3.1.4, the icon box widget (includes/widgets/icon-box.php) accepts a ‘title_size’ parameter. Although the element control lists a fixed set of… CWE-79
Cross-site Scripting 		CVE-2021-24205 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196324 5.4 MEDIUM
Network 		elementor website_builder In the Elementor Website Builder WordPress plugin before 3.1.4, the accordion widget (includes/widgets/accordion.php) accepts a ‘title_html_tag’ parameter. Although the element control lists a fixed … CWE-79
Cross-site Scripting 		CVE-2021-24204 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196325 5.4 MEDIUM
Network 		elementor website_builder In the Elementor Website Builder WordPress plugin before 3.1.4, the divider widget (includes/widgets/divider.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of po… CWE-79
Cross-site Scripting 		CVE-2021-24203 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196326 5.4 MEDIUM
Network 		elementor website_builder In the Elementor Website Builder WordPress plugin before 3.1.4, the heading widget (includes/widgets/heading.php) accepts a ‘header_size’ parameter. Although the element control lists a fixed set of … CWE-79
Cross-site Scripting 		CVE-2021-24202 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196327 5.4 MEDIUM
Network 		elementor website_builder In the Elementor Website Builder WordPress plugin before 3.1.4, the column element (includes/elements/column.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of po… CWE-79
Cross-site Scripting 		CVE-2021-24201 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196328 6.5 MEDIUM
Network 		themeum tutor_lms The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploite… CWE-89
SQL Injection 		CVE-2021-24185 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196329 8.8 HIGH
Network 		themeum tutor_lms Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privile… - CVE-2021-24184 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196330 6.5 MEDIUM
Network 		themeum tutor_lms The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be … CWE-89
SQL Injection 		CVE-2021-24183 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm