Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
211511	4.3	警告	CBI Referral Manager	-	WordPress 用 CBI Referral Manager プラグインの getNetworkSites.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4517	2014-10-27 18:55	2014-04-25	Show	GitHub Exploit DB Packet Storm

211512	4.3	警告	waisir	-	WordPress 用 Alipay プラグインの includes/api_tenpay/inc.tenpay_notify.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4514	2014-10-27 18:54	2014-01-28	Show	GitHub Exploit DB Packet Storm

211513	6.5	警告	GB Plugins	-	WordPress 用 GB Gallery Slideshow プラグインの GBgallery.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-8375	2014-10-27 18:54	2014-08-9	Show	GitHub Exploit DB Packet Storm

211514	7.5	危険	シトリックス・システムズ	-	Citrix NetScaler Application Delivery Controller および NetScaler Gateway の管理インターフェースにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2014-7140	2014-10-27 18:53	2014-09-17	Show	GitHub Exploit DB Packet Storm

211515	4.3	警告	dotProject	-	dotProject におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5702	2014-10-27 18:53	2012-11-15	Show	GitHub Exploit DB Packet Storm

211516	5	警告	Banana Dance	-	Banana Dance の functions/suggest.php における任意のデータベースの情報を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5243	2014-10-27 18:53	2012-12-19	Show	GitHub Exploit DB Packet Storm

211517	6.8	警告	Banana Dance	-	Banana Dance の functions/suggest.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-5242	2014-10-27 18:52	2012-12-19	Show	GitHub Exploit DB Packet Storm

211518	7.5	危険	OS4Ed	-	openSIS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-8366	2014-10-27 18:52	2014-06-26	Show	GitHub Exploit DB Packet Storm

211519	4.3	警告	Xornic	-	Xornic Contact Us におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8365	2014-10-27 18:51	2014-06-8	Show	GitHub Exploit DB Packet Storm

211520	4.3	警告	Joomla!	-	Joomla! 用 JChatSocial コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3863	2014-10-27 18:14	2014-07-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293281	-	vastal_i-tech	dating_zone	SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter.	CWE-89 SQL Injection	CVE-2008-4461	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293282	-	vastal_i-tech	visa_zone	SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.	CWE-89 SQL Injection	CVE-2008-4462	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293283	-	vastal_i-tech	jobs_zone	SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.	CWE-89 SQL Injection	CVE-2008-4463	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293284	-	vastal_i-tech	mag_zone	SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.	CWE-89 SQL Injection	CVE-2008-4464	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293285	-	vastal_i-tech	dvd_zone	SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.	CWE-89 SQL Injection	CVE-2008-4465	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293286	-	vastal_i-tech	cosmetics_zone	SQL injection vulnerability in view_products_cat.php in Vastal I-Tech Cosmetics Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.	CWE-89 SQL Injection	CVE-2008-4466	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293287	-	vastal_i-tech	toner_cart	SQL injection vulnerability in show_series_ink.php in Vastal I-Tech Toner Cart allows remote attackers to execute arbitrary SQL commands via the id parameter.	CWE-89 SQL Injection	CVE-2008-4467	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293288	-	vastal_i-tech	share_zone	SQL injection vulnerability in view_news.php in Vastal I-Tech Share Zone allows remote attackers to execute arbitrary SQL commands via the id parameter.	CWE-89 SQL Injection	CVE-2008-4468	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293289	-	vastal_i-tech	freelance_zone	SQL injection vulnerability in view_cresume.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the coder_id parameter.	CWE-89 SQL Injection	CVE-2008-4469	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm

293290	-	numark	cue	Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assisted attackers to cause a denial of service (application crash) or execute arbitrary code via an M3U playlist file that contains a l…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2008-4470	2017-09-29 10:32	2008-10-7	Show	GitHub Exploit DB Packet Storm