Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253311 6.5 警告 Dolibarr ERP & CRM - Dolibarr における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4802 2011-12-16 10:50 2011-11-3 Show GitHub Exploit DB Packet Storm
253312 4.3 警告 Jextensions - Joomla! 用 HM Community コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4809 2011-12-16 10:44 2011-12-14 Show GitHub Exploit DB Packet Storm
253313 7.5 危険 Jextensions - Joomla! 用 HM Community コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4808 2011-12-16 10:41 2011-12-14 Show GitHub Exploit DB Packet Storm
253314 5 警告 foobla - Joomla! 用の obSuggest コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4804 2011-12-16 10:19 2011-12-14 Show GitHub Exploit DB Packet Storm
253315 7.5 危険 BraveNewCode - WordPress 用の WPTouch プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4803 2011-12-16 10:18 2011-12-14 Show GitHub Exploit DB Packet Storm
253316 6.8 警告 DELL EMC (旧 EMC Corporation) - EMC RSA AAOP におけるアプリケーション制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-2742 2011-12-15 16:59 2011-12-14 Show GitHub Exploit DB Packet Storm
253317 6.8 警告 DELL EMC (旧 EMC Corporation) - EMC RSA AAOP におけるセキュリティ制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-2741 2011-12-15 16:58 2011-12-14 Show GitHub Exploit DB Packet Storm
253318 4.3 警告 アドビシステムズ - Adobe ColdFusion の RDS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4368 2011-12-15 16:57 2011-12-13 Show GitHub Exploit DB Packet Storm
253319 4.3 警告 アドビシステムズ - Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2463 2011-12-15 16:57 2011-12-13 Show GitHub Exploit DB Packet Storm
253320 4.3 警告 アップル - iOS 上の Safari におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		- 2011-12-15 12:02 2011-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195031 4.8 MEDIUM
Network 		print-o-matic_project print-o-matic The Print-O-Matic WordPress plugin before 2.0.3 does not escape some of its settings before outputting them in attribute, which could allow high privilege users to perform Cross-Site Scripting attack… - CVE-2021-24710 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195032 4.8 MEDIUM
Network 		wp_all_export_project wp_all_export The Export any WordPress data to XML/CSV WordPress plugin before 1.3.1 does not escape its Export's Name before outputting it in Manage Exports settings, which could allow high privilege users to per… - CVE-2021-24708 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195033 4.8 MEDIUM
Network 		qwizcards_project qwizcards The Qwizcards – online quizzes and flashcards WordPress plugin before 3.62 does not properly sanitize and escape some of its settings, allowing high privilege users to perform Cross-Site Scripting at… - CVE-2021-24706 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195034 4.8 MEDIUM
Network 		quiz_tool_lite_project quiz_tool_lite The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perfor… - CVE-2021-24701 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195035 4.3 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the dow… NVD-CWE-noinfo
CVE-2021-24698 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195036 6.1 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1) sdm_active_tab GET parameter and 2) sdm_stats_start_date/sdm_stats_end_date POST parameters before outputting them bac… - CVE-2021-24697 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195037 7.5 HIGH
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to down… - CVE-2021-24695 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195038 6.5 MEDIUM
Network 		genie_wp_favicon_project genie_wp_favicon The Genie WP Favicon WordPress plugin through 0.5.2 does not have CSRF in place when updating the favicon, which could allow attackers to make a logged in admin change it via a CSRF attack CWE-352
 Origin Validation Error 		CVE-2021-24674 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195039 8.8 HIGH
Network 		feataholic maz_loader The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor t… - CVE-2021-24669 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
195040 9.0 CRITICAL
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it in some pages, which could allow users with a role as low as Contributor … - CVE-2021-24693 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm