Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250371 7.5 危険 360安全中心 - 360圧縮 (360zip) における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2225 2012-04-13 11:45 2012-04-11 Show GitHub Exploit DB Packet Storm
250372 7.5 危険 迅雷 - 迅雷 (Xunlei Thunder) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2224 2012-04-13 11:44 2012-03-6 Show GitHub Exploit DB Packet Storm
250373 4.3 警告 Plume CMS - Plume CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2156 2012-04-13 11:07 2012-04-11 Show GitHub Exploit DB Packet Storm
250374 4.3 警告 CMS Made Simple - CMS Made Simple の admin/edituser.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1992 2012-04-13 11:06 2012-04-11 Show GitHub Exploit DB Packet Storm
250375 7.5 危険 Ola Lasisi - e-ticketing の loginscript.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1673 2012-04-12 16:57 2011-04-11 Show GitHub Exploit DB Packet Storm
250376 7.5 危険 useasdf_4444 - Hotel Booking Portal の getcity.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1672 2012-04-12 16:57 2011-04-11 Show GitHub Exploit DB Packet Storm
250377 4.3 警告 Novell - Novell ZENworks Configuration Management におけるクロスサイトトレーシング攻撃を誘発される脆弱性 CWE-200
情報漏えい 		CVE-2012-2223 2012-04-12 16:53 2012-02-8 Show GitHub Exploit DB Packet Storm
250378 7.8 危険 ソニー株式会社 - ソニー製 Bravia TV におけるサービス運用妨害 (機能停止またはデバイスクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2210 2012-04-12 16:52 2012-04-11 Show GitHub Exploit DB Packet Storm
250379 4.3 警告 DNN - DotNetNuke の Telerik HTML エディタにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1036 2012-04-12 16:06 2011-11-1 Show GitHub Exploit DB Packet Storm
250380 4.3 警告 DNN - DotNetNuke におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1030 2012-04-12 16:05 2012-02-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195731 4.8 MEDIUM
Network 		qwizcards_project qwizcards The Qwizcards – online quizzes and flashcards WordPress plugin before 3.62 does not properly sanitize and escape some of its settings, allowing high privilege users to perform Cross-Site Scripting at… - CVE-2021-24706 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195732 4.8 MEDIUM
Network 		quiz_tool_lite_project quiz_tool_lite The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perfor… - CVE-2021-24701 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195733 4.3 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the dow… NVD-CWE-noinfo
CVE-2021-24698 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195734 6.1 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1) sdm_active_tab GET parameter and 2) sdm_stats_start_date/sdm_stats_end_date POST parameters before outputting them bac… - CVE-2021-24697 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195735 7.5 HIGH
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to down… - CVE-2021-24695 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195736 6.5 MEDIUM
Network 		genie_wp_favicon_project genie_wp_favicon The Genie WP Favicon WordPress plugin through 0.5.2 does not have CSRF in place when updating the favicon, which could allow attackers to make a logged in admin change it via a CSRF attack CWE-352
 Origin Validation Error 		CVE-2021-24674 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195737 8.8 HIGH
Network 		feataholic maz_loader The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor t… - CVE-2021-24669 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195738 9.0 CRITICAL
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it in some pages, which could allow users with a role as low as Contributor … - CVE-2021-24693 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195739 4.8 MEDIUM
Network 		igexsolutions wpschoolpress The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_field() but does not escape them before outputting in attributes, resulting in Sto… - CVE-2021-24664 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195740 8.1 HIGH
Network 		genetechsolutions pie_register The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing… - CVE-2021-24647 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm