Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 18, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 251841 | 7.5 | 危険 | Autartica | - | Joomla! 用 の AutarTimonial コンポーネントにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-5003 | 2011-12-9 14:20 | 2011-11-1 | Show | GitHub Exploit DB Packet Storm |
| 251842 | 4.3 | 警告 | VideoWhisper.com | - | VideoWhisper PHP 2 Way Video Chat コンポーネントにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4971 | 2011-12-9 14:19 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
| 251843 | 7.5 | 危険 | OlyKit | - | OlyKit Swoopo Clone 2010 の index.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-4997 | 2011-12-9 14:18 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
| 251844 | 7.5 | 危険 | Maulana Al Matien | - | ardeaCore PHP Framework におけるリモートファイルインクルージョンの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-4998 | 2011-12-9 14:18 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
| 251845 | 7.5 | 危険 | Joe Pieruccini | - | MCLogin System の login/login_index.php におけるSQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-5000 | 2011-12-9 14:17 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
| 251846 | 7.5 | 危険 | 2daybiz | - | 2daybiz Polls Script の searchvote.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-5004 | 2011-12-9 14:16 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
| 251847 | 4.3 | 警告 | Rayzz | - | Rayzz Photoz の members/profileCommentsResponse.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-5005 | 2011-12-9 14:15 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
| 251848 | 7.5 | 危険 | Emophp Programming | - | EMO Realty Manager の googlemap/index.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-5006 | 2011-12-9 14:15 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
| 251849 | 4.3 | 警告 | ut-files | - | UTStats の pages/match_report.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-5007 | 2011-12-9 14:14 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
| 251850 | 7.5 | 危険 | Denali | - | BrightSuite Groupware における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-5008 | 2011-12-9 14:13 | 2011-11-2 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 18, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 222491 | 8.8 |
HIGH
Network |
maxum | rumpus | A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, up… |
CWE-352
Origin Validation Error |
CVE-2019-19659 | 2024-11-21 13:35 | 2020-02-11 | Show | GitHub Exploit DB Packet Storm |
| 222492 | 5.3 |
MEDIUM
Network |
zohocorp | manageengine_applications_manager | Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet. |
CWE-306
Missing Authentication for Critical Function |
CVE-2019-19800 | 2024-11-21 13:35 | 2020-02-7 | Show | GitHub Exploit DB Packet Storm |
| 222493 | 5.4 |
MEDIUM
Network |
pandorafms | pandora_fms | PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data … |
CWE-79
Cross-site Scripting |
CVE-2019-19968 | 2024-11-21 13:35 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |
| 222494 | 8.8 |
HIGH
Network |
totolink |
a3002ru_firmware a702r_firmware n301rt_firmware n302r_firmware n300rt_firmware n200re_firmware n150rt_firmware n100re_firmware |
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not a… |
CWE-78
OS Command |
CVE-2019-19824 | 2024-11-21 13:35 | 2020-01-28 | Show | GitHub Exploit DB Packet Storm |
| 222495 | 7.5 |
HIGH
Network |
totolink realtek sapido ciktel kctvjeju fg-products hiwifi tbroad coship iodata hcn_max-c300n_project |
a3002ru_firmware a702r_firmware n302r_firmware n300rt_firmware n200re_firmware n150rt_firmware n100re_firmware rtk_11n_ap_firmware gr297n_firmware mesh_router_firmware w… |
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002R… |
CWE-522
Insufficiently Protected Credentials |
CVE-2019-19823 | 2024-11-21 13:35 | 2020-01-28 | Show | GitHub Exploit DB Packet Storm |
| 222496 | 7.5 |
HIGH
Network |
totolink realtek sapido ciktel kctvjeju fg-products hiwifi tbroad coship iodata hcn_max-c300n_project |
a3002ru_firmware a702r_firmware n302r_firmware n300rt_firmware n200re_firmware n150rt_firmware n100re_firmware rtk_11n_ap_firmware gr297n_firmware mesh_router_firmware w… |
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwo… |
CWE-306
Missing Authentication for Critical Function |
CVE-2019-19822 | 2024-11-21 13:35 | 2020-01-28 | Show | GitHub Exploit DB Packet Storm |
| 222497 | 9.8 |
CRITICAL
Network |
totolink |
a3002ru_firmware a702r_firmware n301rt_firmware n302r_firmware n300rt_firmware n200re_firmware n150rt_firmware n100re_firmware |
On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPT… |
CWE-287
Improper Authentication |
CVE-2019-19825 | 2024-11-21 13:35 | 2020-01-28 | Show | GitHub Exploit DB Packet Storm |
| 222498 | 8.8 |
HIGH
Network |
bigswitch |
big_cloud_fabric big_monitoring_fabric multi-cloud_director |
An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 … |
CWE-200
Information Exposure |
CVE-2019-19631 | 2024-11-21 13:35 | 2020-01-25 | Show | GitHub Exploit DB Packet Storm |
| 222499 | 6.1 |
MEDIUM
Network |
bigswitch |
big_cloud_fabric big_monitoring_fabric multi-cloud_director |
An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 … |
CWE-79
Cross-site Scripting |
CVE-2019-19632 | 2024-11-21 13:35 | 2020-01-25 | Show | GitHub Exploit DB Packet Storm |
| 222500 | 7.5 |
HIGH
Network |
ixpdata | easyinstall | In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely. |
CWE-319 CWE-522 Cleartext Transmission of Sensitive Information Insufficiently Protected Credentials |
CVE-2019-19898 | 2024-11-21 13:35 | 2020-01-24 | Show | GitHub Exploit DB Packet Storm |