Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228041	4.3	警告	dkscript	-	DKScript.com Dragon's Kingdom Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-3539	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228042	5.8	警告	beatificfaith	-	BeatificFaith Eprayer Alpha の demo.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3538	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228043	7.5	危険	randshop	-	Randshop の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-3537	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228044	7.5	危険	ej3	-	EJ3 TOPo の code/class_db_text.php における任意の PHP コードを実行される脆弱性	-	CVE-2006-3536	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228045	5	警告	Nullsoft	-	Nullsoft SHOUTcast DSP におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-3535	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228046	7.8	危険	Nullsoft	-	Nullsoft SHOUTcast DSP におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-3534	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228047	5.8	警告	pivot	-	Pivot におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3533	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228048	5.1	警告	pivot	-	Pivot の includes/edit_new.php における任意の PHP コードを実行される脆弱性	-	CVE-2006-3532	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228049	7.5	危険	pivot	-	Pivot の includes/editor/insert_image.php における任意のファイルをアップロードされる脆弱性	-	CVE-2006-3531	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

228050	6.8	警告	Joomla!	-	Mambo 用の PccookBook Component の com_pccookbook/pccookbook.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-3530	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249731	8.8	HIGH Network	priyabratasarkar	token_login	Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3.	CWE-306 Missing Authentication for Critical Function	CVE-2024-50488	2024-10-31 22:19	2024-10-28	Show	GitHub Exploit DB Packet Storm

249732	9.8	CRITICAL Network	tareqhasan	meetup	Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege Escalation.This issue affects Meetup: from n/a through 0.1.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-50483	2024-10-31 22:12	2024-10-28	Show	GitHub Exploit DB Packet Storm

249733	9.8	CRITICAL Network	mansurahamed	woocommerce_quote_calculator	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection.This issue affects Woocomme…	CWE-89 SQL Injection	CVE-2024-50479	2024-10-31 22:02	2024-10-28	Show	GitHub Exploit DB Packet Storm

249734	9.8	CRITICAL Network	codezips	hospital_appointment_system	A vulnerability, which was classified as critical, was found in Codezips Hospital Appointment System 1.0. This affects an unknown part of the file /loginAction.php. The manipulation of the argument U…	CWE-89 SQL Injection	CVE-2024-10449	2024-10-31 21:47	2024-10-29	Show	GitHub Exploit DB Packet Storm

249735	8.8	HIGH Network	google	chrome	Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	CWE-843 Type Confusion	CVE-2024-10230	2024-10-31 17:35	2024-10-23	Show	GitHub Exploit DB Packet Storm

249736	9.8	CRITICAL Network	swoopnow	1-click_login\	Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass.This issue affects 1-Click Login: Passwordless Authentication:…	CWE-287 Improper Authentication	CVE-2024-50478	2024-10-31 10:44	2024-10-28	Show	GitHub Exploit DB Packet Storm

249737	5.4	MEDIUM Network	amilia	store	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Drapeau Amilia Store allows Stored XSS.This issue affects Amilia Store: from n/a th…	CWE-79 Cross-site Scripting	CVE-2024-50472	2024-10-31 10:42	2024-10-28	Show	GitHub Exploit DB Packet Storm

249738	5.4	MEDIUM Network	checklist	trip_plan	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Checklist Trip Plan allows Stored XSS.This issue affects Trip Plan: from n/a through 1.0.1…	CWE-79 Cross-site Scripting	CVE-2024-50471	2024-10-31 10:37	2024-10-28	Show	GitHub Exploit DB Packet Storm

249739	5.4	MEDIUM Network	themes4wp	youtube_external_subtitles	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themes4WP Themes4WP YouTube External Subtitles allows Stored XSS.This issue affects Themes…	CWE-79 Cross-site Scripting	CVE-2024-50470	2024-10-31 10:30	2024-10-28	Show	GitHub Exploit DB Packet Storm

249740	6.5	MEDIUM Network	squirrly	premium_seo_pack	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP SEO – Calin Vingan Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: …	CWE-89 SQL Injection	CVE-2024-50465	2024-10-31 10:27	2024-10-28	Show	GitHub Exploit DB Packet Storm