Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227021	4.3	警告	professional home page tools login script	-	Professional Home Page Tools Login Script におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7078	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

227022	6.8	警告	phpBB	-	phpBB 用の Advanced Guestbook における SQL インジェクションの脆弱性	-	CVE-2006-7077	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

227023	4.3	警告	phpBB	-	phpBB 用の Advanced Guestbook におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7076	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

227024	7.5	危険	smartsitecms	-	SmartSiteCMS の admin.php における認証を回避される脆弱性	-	CVE-2006-7074	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

227025	7.5	危険	socketwiz	-	Socketwiz Bookmarks の smarty_config.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7069	2012-12-20 18:18	2007-03-2	Show	GitHub Exploit DB Packet Storm

227026	7.5	危険	tinyphpforum	-	TinyPHPforum の profile.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-7063	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

227027	9.3	危険	scriptsez.net	-	Scriptsez.net E-Dating System におけるプライベートメッセージを読まれる脆弱性	-	CVE-2006-7061	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

227028	5.8	警告	サン・マイクロシステムズ	-	Sun Solaris の .iked などに使用されている libike ライブラリにおける PKCS #1 v1.5 署名を偽造される脆弱性	CWE-DesignError	CVE-2006-7140	2012-12-20 18:18	2006-11-27	Show	GitHub Exploit DB Packet Storm

227029	5	警告	scriptsez.net	-	Scriptsez.net E-Dating System の cindex.php におけるフルパスを取得される脆弱性	-	CVE-2006-7060	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

227030	4.3	警告	scriptsez.net	-	Scriptsez.net E-Dating System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-7059	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249061	5.4	MEDIUM Network	nicheaddons	restaurant_\&_cafe_addon_for_elementor	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Stored XSS.This issue affects Res…	CWE-79 Cross-site Scripting	CVE-2024-51581	2024-11-14 05:49	2024-11-10	Show	GitHub Exploit DB Packet Storm

249062	7.2	HIGH Network	salesagility	suitecrm	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM relies on the blacklist of functions/methods to prevent installation of malicious ML…	NVD-CWE-noinfo	CVE-2024-49774	2024-11-14 05:40	2024-11-6	Show	GitHub Exploit DB Packet Storm

249063	8.8	HIGH Network	zohocorp	manageengine_admanager_plus	Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.	NVD-CWE-noinfo	CVE-2024-24409	2024-11-14 05:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

249064	5.4	MEDIUM Network	mycred	mycred	The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress…	CWE-79 Cross-site Scripting	CVE-2024-10187	2024-11-14 05:31	2024-11-8	Show	GitHub Exploit DB Packet Storm

249065	6.5	MEDIUM Network	salesagility	suitecrm	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Poor input validation in export allows authenticated user do a SQL injection attack. User-con…	CWE-89 SQL Injection	CVE-2024-49773	2024-11-14 05:29	2024-11-6	Show	GitHub Exploit DB Packet Storm

249066	8.1	HIGH Network	zohocorp	manageengine_sharepoint_manager_plus	Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.	CWE-611 XXE	CVE-2024-10839	2024-11-14 05:19	2024-11-8	Show	GitHub Exploit DB Packet Storm

249067	8.8	HIGH Network	salesagility	suitecrm	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In SuiteCRM versions 7.14.4, poor input validation allows authenticated user do a SQL injecti…	CWE-89 SQL Injection	CVE-2024-49772	2024-11-14 05:19	2024-11-6	Show	GitHub Exploit DB Packet Storm

249068	8.8	HIGH Network	salesagility	suitecrm	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. User input is not validated and is written to the filesystem. The ParserLabel::addLabels() fu…	NVD-CWE-noinfo	CVE-2024-50333	2024-11-14 05:10	2024-11-6	Show	GitHub Exploit DB Packet Storm

249069	5.4	MEDIUM Network	brainstormforce	elementor_header_\&_footer_builder	The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient …	CWE-79 Cross-site Scripting	CVE-2024-10325	2024-11-14 05:01	2024-11-8	Show	GitHub Exploit DB Packet Storm

249070	7.5	HIGH Network	talyssonoc	commonregexjs	CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of p…	CWE-1333 Inefficient Regular Expression Complexity	CVE-2020-26305	2024-11-14 05:00	2024-10-27	Show	GitHub Exploit DB Packet Storm