Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227781	7.5	危険	zonemetrics	-	ZoneMetrics ZoneX Publishers Gold Edition の includes/usercp_register.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4036	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

227782	10	危険	WordPress.org	-	WordPress における脆弱性	CWE-noinfo 情報不足	CVE-2006-4028	2012-12-20 18:02	2006-07-29	Show	GitHub Exploit DB Packet Storm

227783	7.5	危険	Red Graphic Systems	-	SAPID CMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4026	2012-12-20 18:02	2006-08-8	Show	GitHub Exploit DB Packet Storm

227784	7.5	危険	xennobb	-	XennoBB の profile.php における SQL インジェクションの脆弱性	-	CVE-2006-4025	2012-12-20 18:02	2006-08-8	Show	GitHub Exploit DB Packet Storm

227785	2.6	注意	scatterchat	-	ScatterChat の cryptographic モジュールにおける大量のメッセージのパターンを特定される脆弱性	-	CVE-2006-4021	2012-12-20 18:02	2006-08-17	Show	GitHub Exploit DB Packet Storm

227786	4.3	警告	toenda software development	-	toendaCMS stable および unstable の /toendaCMS におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4016	2012-12-20 18:02	2006-08-7	Show	GitHub Exploit DB Packet Storm

227787	5	警告	シマンテック	-	SBAS におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4014	2012-12-20 18:02	2006-07-27	Show	GitHub Exploit DB Packet Storm

227788	7.6	危険	シマンテック	-	SBAS におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2006-4013	2012-12-20 18:02	2006-07-27	Show	GitHub Exploit DB Packet Storm

227789	5.1	警告	savewebportal	-	circeOS SaveWeb Portal における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4012	2012-12-20 18:02	2006-08-7	Show	GitHub Exploit DB Packet Storm

227790	7.5	危険	VWar	-	Vwar の war.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-4010	2012-12-20 18:02	2006-08-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248951	5.3	MEDIUM Network	openrefine	openrefine	OpenRefine is a free, open source tool for working with messy data. The load-language command expects a `lang` parameter from which it constructs the path of the localization file to load, of the for…	CWE-22 Path Traversal	CVE-2024-49760	2024-11-7 00:01	2024-10-25	Show	GitHub Exploit DB Packet Storm

248952	9.8	CRITICAL Network	codezips	free_exam_hall_seating_management_system	A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/save_user.php…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-10766	2024-11-6 23:59	2024-11-5	Show	GitHub Exploit DB Packet Storm

248953	7.3	HIGH Network	aftabhusain	enable_shortcodes_inside_widgets\ comments_and_experts	The The Enable Shortcodes inside Widgets,Comments and Experts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.0. This is due to the softw…	CWE-94 Code Injection	CVE-2024-9846	2024-11-6 23:58	2024-10-30	Show	GitHub Exploit DB Packet Storm

248954	5.5	MEDIUM Local	snowflake	snowflake_connector	The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Prior to version 3.12.3, when the loggin…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-49750	2024-11-6 23:58	2024-10-25	Show	GitHub Exploit DB Packet Storm

248955	9.8	CRITICAL Network	gvectors	wpdiscuz	The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24. This is due to insufficient verification on the user being returned b…	NVD-CWE-Other	CVE-2024-9488	2024-11-6 23:57	2024-10-25	Show	GitHub Exploit DB Packet Storm

248956	6.1	MEDIUM Network	markjaquith	subscribe_to_comments	The Subscribe to Comments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and inclu…	CWE-79 Cross-site Scripting	CVE-2024-8792	2024-11-6 23:51	2024-10-30	Show	GitHub Exploit DB Packet Storm

248957	5.4	MEDIUM Network	instantcms	instantcms	InstantCMS is a free and open source content management system. In photo upload function in the photo album page there is no input validation taking place. Due to this attackers are able to inject th…	CWE-79 Cross-site Scripting	CVE-2024-50348	2024-11-6 23:49	2024-10-30	Show	GitHub Exploit DB Packet Storm

248958	9.8	CRITICAL Network	codezips	online_institute_management_system	A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the ar…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-10765	2024-11-6 23:45	2024-11-5	Show	GitHub Exploit DB Packet Storm

248959	9.8	CRITICAL Network	codezips	online_institute_management_system	A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. This affects an unknown part of the file /pages/save_user.php. The manipulation of the argume…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-10764	2024-11-6 23:44	2024-11-5	Show	GitHub Exploit DB Packet Storm

248960	7.1	HIGH Local	apple	iphone_os ipados visionos tvos	This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted ba…	CWE-59 Link Following	CVE-2024-44258	2024-11-6 23:35	2024-10-29	Show	GitHub Exploit DB Packet Storm