Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249811	7.5	危険	Andreas Gohr	-	DokuWiki の doku.php における任意の PHP コードを実行される脆弱性	-	CVE-2006-4674	2012-06-26 15:37	2006-09-11	Show	GitHub Exploit DB Packet Storm

249812	6.8	警告	fscripts	-	Fantastic News の headlines.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4671	2012-06-26 15:37	2006-09-11	Show	GitHub Exploit DB Packet Storm

249813	7.5	危険	gtasoft	-	PhotoKorn Gallery における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4670	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

249814	5.1	警告	EFS Software	-	Easy Address Book Web Server におけるフォーマットストリングの脆弱性	-	CVE-2006-4654	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

249815	5	警告	amazing little poll amazing little picture poll	-	Amazing Little Poll における admin パスワードを読まれる脆弱性	-	CVE-2006-4653	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

249816	7.5	危険	amazing little poll amazing little picture poll	-	Amazing Little Poll における新規アンケートを作成される脆弱性	-	CVE-2006-4652	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

249817	7.5	危険	bingo news	-	BP News の bp_news.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4649	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

249818	7.5	危険	bingo news	-	BP News の bp_ncom.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4648	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

249819	6.8	警告	Drupal	-	Drupal の Pathauto モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4646	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

249820	7.5	危険	akarru	-	Akarru Social BookMarking Engine の akarru.gui/main_content.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4645	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196821	6.1	MEDIUM Network	pickplugins	post_grid	The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross…	-	CVE-2021-24488	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196822	7.2	HIGH Network	ays-pro	secure_copy_content_protection_and_content_locking	The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL state…	-	CVE-2021-24484	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196823	7.2	HIGH Network	ays-pro	poll_maker	The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL state…	-	CVE-2021-24483	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196824	4.8	MEDIUM Network	any_hostname_project	any_hostname	The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS paylo…	-	CVE-2021-24481	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196825	4.8	MEDIUM Network	event_geek_project	event_geek	The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated (admin+) stored Cross-Site Scriptin…	-	CVE-2021-24480	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196826	4.8	MEDIUM Network	drawblog_project	drawblog	The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue	-	CVE-2021-24479	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196827	5.4	MEDIUM Network	bookshelf_project	bookshelf	The Bookshelf WordPress plugin through 2.0.4 does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting i…	CWE-79 Cross-site Scripting	CVE-2021-24478	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196828	6.1	MEDIUM Network	migrate_users_project	migrate_users	The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin …	-	CVE-2021-24477	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196829	5.4	MEDIUM Network	steam_group_viewer_project	steam_group_viewer	The Steam Group Viewer WordPress plugin through 2.1 does not sanitise or escape its "Steam Group Address" settings before outputting it in the page, leading to an authenticated Stored Cross-Site Scri…	-	CVE-2021-24476	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

196830	6.1	MEDIUM Network	awesome_weather_widget_project	awesome_weather_widget	The Awesome Weather Widget WordPress plugin through 3.0.2 does not sanitize the id parameter of its awesome_weather_refresh AJAX action, leading to an unauthenticated Reflected Cross-Site Scripting (…	CWE-79 Cross-site Scripting	CVE-2021-24474	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm