Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228011	4.3	警告	orbitcoders	-	Orbitcoders OrbitMATRIX の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3609	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228012	4.6	警告	flatnuke	-	Simone Vellei Flatnuke の Gallery モジュールにおける任意の PHP コードを実行される脆弱性	-	CVE-2006-3608	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228013	4.3	警告	softbiz	-	Softbiz Banner Exchange Script におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3607	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228014	5	警告	マイクロソフト	-	Microsoft Internet Explorer 6 におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-3605	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228015	7.5	危険	seyeon	-	FlexWATCH Network Camera におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-3604	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228016	5.8	警告	seyeon	-	FlexWATCH Network Camera の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3603	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228017	5	警告	farsinews	-	FarsiNews の jscripts/tiny_mce/tiny_mce_gzip.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-3602	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228018	5.1	警告	libtunepimp	-	TunePimp の LookupTRM::lookup 関数におけるスタックベースのバッファーオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2006-3600	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228019	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Nuke Advanced Classifieds モジュールにおける SQL インジェクションの脆弱性	-	CVE-2006-3599	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

228020	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Sections モジュールにおける SQL インジェクションの脆弱性	-	CVE-2006-3598	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249481	4.3	MEDIUM Network	-	-	The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_search_users function in all versions up to, and including, …	CWE-862 Missing Authorization	CVE-2024-10399	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249482	6.4	MEDIUM Network	-	-	The WP Baidu Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'baidu_map' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitiz…	-	CVE-2024-9886	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249483	6.4	MEDIUM Network	-	-	The Widget or Sidebar Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sidebar' shortcode in all versions up to, and including, 0.6.1 due to insufficient …	CWE-79 Cross-site Scripting	CVE-2024-9885	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249484	6.4	MEDIUM Network	-	-	The T(-) Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tminus' shortcode in all versions up to, and including, 2.4.8 due to insufficient input sanitiza…	CWE-79 Cross-site Scripting	CVE-2024-9884	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249485	-		-	-	A vulnerability, which was classified as critical, has been found in Codezips Online Institute Management System 1.0. This issue affects some unknown processing of the file /login.php. The manipulati…	-	CVE-2024-10509	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249486	-		-	-	CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka File Manager upload) unauthenti…	-	CVE-2024-51568	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249487	-		-	-	getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus …	-	CVE-2024-51378	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249488	-		-	-	Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1.	CWE-862 Missing Authorization	CVE-2024-50454	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249489	-		-	-	Missing Authorization vulnerability in Mondula GmbH Multi Step Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multi Step Form: from n/a through 1.7.21.	CWE-862 Missing Authorization	CVE-2024-50428	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm

249490	-		-	-	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Veribo, Roland Murg WP Booking System.This issue affects WP Booking System: from n/a through 2.0.19.10.	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2024-50425	2024-11-1 21:57	2024-10-30	Show	GitHub Exploit DB Packet Storm