Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227061 7.5 危険 portix-php - Portix-PHP の login コンポーネントにおける SQL インジェクションの脆弱性 - CVE-2006-6935 2012-12-20 18:18 2007-01-16 Show GitHub Exploit DB Packet Storm
227062 6.8 警告 portix-php - Portix-PHP におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6934 2012-12-20 18:18 2007-01-16 Show GitHub Exploit DB Packet Storm
227063 5 警告 Snort.org - Snort におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6931 2012-12-20 18:18 2007-01-16 Show GitHub Exploit DB Packet Storm
227064 6.8 警告 sage-mozdev - Firefox Sage エクステンションにおけるローカルコンテキストの任意の Javascript を実行される脆弱性 - CVE-2006-6919 2012-12-20 18:18 2007-01-11 Show GitHub Exploit DB Packet Storm
227065 7.5 危険 phpMyFAQ - phpMyFAQ における任意の PHP スクリプトをアップロードされる脆弱性 - CVE-2006-6913 2012-12-20 18:18 2006-12-15 Show GitHub Exploit DB Packet Storm
227066 7.5 危険 phpMyFAQ - phpMyFAQ における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-6912 2012-12-20 18:02 2006-12-15 Show GitHub Exploit DB Packet Storm
227067 10 危険 東芝 - Toshiba Bluetooth スタックにおける管理者アクセス権限を取得される脆弱性 - CVE-2006-6903 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
227068 5.4 警告 widcomm - Widcomm BTW におけるディレクトリトラバーサルの脆弱性 - CVE-2006-6897 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
227069 5.4 警告 plantronic - Plantronic Headset の Bluetooth スタックにおける許可されていない組み合わせ操作を実行される脆弱性 - CVE-2006-6896 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
227070 2.9 注意 sony ericsson - Sony Ericsson T60 の Bluetooth スタックにおける許可されていない問い合わせ応答へのアクセス権を取得される脆弱性 - CVE-2006-6895 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
249061 5.4 MEDIUM
Network 		nicheaddons restaurant_\&_cafe_addon_for_elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Stored XSS.This issue affects Res… CWE-79
Cross-site Scripting 		CVE-2024-51581 2024-11-14 05:49 2024-11-10 Show GitHub Exploit DB Packet Storm
249062 7.2 HIGH
Network 		salesagility suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM relies on the blacklist of functions/methods to prevent installation of malicious ML… NVD-CWE-noinfo
CVE-2024-49774 2024-11-14 05:40 2024-11-6 Show GitHub Exploit DB Packet Storm
249063 8.8 HIGH
Network 		zohocorp manageengine_admanager_plus Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option. NVD-CWE-noinfo
CVE-2024-24409 2024-11-14 05:35 2024-11-8 Show GitHub Exploit DB Packet Storm
249064 5.4 MEDIUM
Network 		mycred mycred The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress… CWE-79
Cross-site Scripting 		CVE-2024-10187 2024-11-14 05:31 2024-11-8 Show GitHub Exploit DB Packet Storm
249065 6.5 MEDIUM
Network 		salesagility suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Poor input validation in export allows authenticated user do a SQL injection attack. User-con… CWE-89
SQL Injection 		CVE-2024-49773 2024-11-14 05:29 2024-11-6 Show GitHub Exploit DB Packet Storm
249066 8.1 HIGH
Network 		zohocorp manageengine_sharepoint_manager_plus Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option. CWE-611
XXE 		CVE-2024-10839 2024-11-14 05:19 2024-11-8 Show GitHub Exploit DB Packet Storm
249067 8.8 HIGH
Network 		salesagility suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In SuiteCRM versions 7.14.4, poor input validation allows authenticated user do a SQL injecti… CWE-89
SQL Injection 		CVE-2024-49772 2024-11-14 05:19 2024-11-6 Show GitHub Exploit DB Packet Storm
249068 8.8 HIGH
Network 		salesagility suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. User input is not validated and is written to the filesystem. The ParserLabel::addLabels() fu… NVD-CWE-noinfo
CVE-2024-50333 2024-11-14 05:10 2024-11-6 Show GitHub Exploit DB Packet Storm
249069 5.4 MEDIUM
Network 		brainstormforce elementor_header_\&_footer_builder The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient … CWE-79
Cross-site Scripting 		CVE-2024-10325 2024-11-14 05:01 2024-11-8 Show GitHub Exploit DB Packet Storm
249070 7.5 HIGH
Network 		talyssonoc commonregexjs CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of p… CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2020-26305 2024-11-14 05:00 2024-10-27 Show GitHub Exploit DB Packet Storm