Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249781 7.5 危険 francisco burzi - Francisco Burzi PHP-Nuke の Journal モジュールにおける SQL インジェクションの脆弱性 - CVE-2006-5720 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
249782 7.5 危険 bytesfall explorer - bfExplorer の libs/sessions.lib.php における SQL インジェクションの脆弱性 - CVE-2006-5719 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
249783 5 警告 freenews - FreeNews の aff_news.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5716 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
249784 5 警告 EFS Software - EFS Easy Address Book におけるWeb ルート配下の任意のファイルを読まれる脆弱性 - CVE-2006-5715 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
249785 5 警告 EFS Software - EFS Web Server における Web ルート配下の任意のファイルを読まれる脆弱性 - CVE-2006-5714 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
249786 4.3 警告 EFS Software - EFS Web Server におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5713 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
249787 5 警告 eci telecom - ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router における任意のファイルを読み取られる脆弱性 - CVE-2006-5711 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
249788 7.5 危険 アップル
opendarwin		 - Apple Mac OS X の Airport ドライバにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2006-5710 2012-06-26 15:37 2006-11-4 Show GitHub Exploit DB Packet Storm
249789 10 危険 Alt-N - Alt-N Technologies MDaemon の WorldClient における詳細不明な脆弱性 - CVE-2006-5709 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
249790 5 警告 Alt-N - Alt-N Technologies MDaemon の MDaemon におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5708 2012-06-26 15:37 2006-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196371 5.4 MEDIUM
Network 		adtribes product_feed_pro_for_woocommerce The Product Feed PRO for WooCommerce WordPress plugin before 11.0.7 does not have authorisation and CSRF check in some of its AJAX actions, allowing any authenticated users to call then, which could … - CVE-2021-24974 2024-11-21 14:54 2022-01-24 Show GitHub Exploit DB Packet Storm
196372 5.7 MEDIUM
Network 		etoilewebdesign ultimate_faq The Ultimate FAQ WordPress plugin before 2.1.2 does not have capability and CSRF checks in the ewd_ufaq_welcome_add_faq and ewd_ufaq_welcome_add_faq_page AJAX actions, available to any authenticated … CWE-352
 Origin Validation Error 		CVE-2021-24968 2024-11-21 14:54 2022-01-24 Show GitHub Exploit DB Packet Storm
196373 5.4 MEDIUM
Network 		fivestarplugins five_star_restaurant_reservations The Five Star Restaurant Reservations WordPress plugin before 2.4.8 does not have capability and CSRF checks in the rtb_welcome_set_schedule AJAX action, allowing any authenticated users to call it. … - CVE-2021-24965 2024-11-21 14:54 2022-01-24 Show GitHub Exploit DB Packet Storm
196374 8.0 HIGH
Network 		wp_extra_file_types_project wp_extra_file_types The WP Extra File Types WordPress plugin before 0.5.1 does not have CSRF check when saving its settings, nor sanitise and escape some of them, which could allow attackers to make a logged in admin ch… - CVE-2021-24936 2024-11-21 14:54 2022-01-24 Show GitHub Exploit DB Packet Storm
196375 6.1 MEDIUM
Network 		brevo newsletter\
_smtp\
_email_marketing_and_subscribe 		The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.25 does not escape the sib-statistics-date parameter before outputting it back in an attribute, lea… - CVE-2021-24923 2024-11-21 14:54 2022-01-24 Show GitHub Exploit DB Packet Storm
196376 5.4 MEDIUM
Network 		pluginops landing_page The Landing Page Builder WordPress plugin before 1.4.9.6 was affected by a reflected XSS in page-builder-add on the ulpb_post admin page. - CVE-2021-25067 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm
196377 5.4 MEDIUM
Network 		smashballoon smash_balloon_social_post_feed The Smash Balloon Social Post Feed WordPress plugin before 4.1.1 was affected by a reflected XSS in custom-facebook-feed in cff-top admin page. - CVE-2021-25065 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm
196378 5.4 MEDIUM
Network 		wpbookingsystem wp_booking_system The WP Booking System WordPress plugin before 2.0.15 was affected by a reflected xss in wp-booking-system on the wpbs-calendars admin page. - CVE-2021-25061 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm
196379 5.4 MEDIUM
Network 		webnus modern_events_calendar_lite The Modern Events Calendar Lite WordPress plugin before 6.2.0 alloed any logged-in user, even a subscriber user, may add a category whose parameters are incorrectly escaped in the admin panel, leadin… - CVE-2021-25046 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm
196380 6.5 MEDIUM
Network 		aioseo all_in_one_seo The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection issue, which was discovered during an internal audit by the Jetpack Scan team, and could grant attacke… - CVE-2021-25037 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm