Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
237261 7.5 危険 Kurt Gusbeth - TYPO3 の myquizpoll エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6462 2012-09-25 17:27 2009-03-13 Show GitHub Exploit DB Packet Storm
237262 7.5 危険 mirko werner - TYPO3 用の Simple Random Objects エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6460 2012-09-25 17:27 2009-03-13 Show GitHub Exploit DB Packet Storm
237263 7.5 危険 martin helmich - TYPO3 用の HBook エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6456 2012-09-25 17:27 2009-03-13 Show GitHub Exploit DB Packet Storm
237264 7.5 危険 oceandir - Oceandir の show_vote.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6452 2012-09-25 17:27 2009-03-13 Show GitHub Exploit DB Packet Storm
237265 7.5 危険 jportal - jPORTAL の humor.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6451 2012-09-25 17:27 2009-03-13 Show GitHub Exploit DB Packet Storm
237266 4.3 警告 lukas waldauf - PHPFreeForum におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6437 2012-09-25 17:27 2009-03-6 Show GitHub Exploit DB Packet Storm
237267 4.3 警告 kayalang - Kaya の CGI framework におけるクロスサイトスクリプティング攻撃を実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6428 2012-09-25 17:27 2009-03-6 Show GitHub Exploit DB Packet Storm
237268 7.5 危険 mike leeper - Joomla! 用の prayercenter コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6429 2012-09-25 17:27 2007-03-18 Show GitHub Exploit DB Packet Storm
237269 6.8 警告 hivemaker - Hivemaker の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6427 2012-09-25 17:27 2009-03-6 Show GitHub Exploit DB Packet Storm
237270 8.8 危険 jun sota - FFFTP におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6424 2012-09-25 17:27 2009-03-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2761 4.3 MEDIUM
Network 		- - Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5. CWE-352
 Origin Validation Error 		CVE-2026-24597 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2762 6.5 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Stored XSS. This issue affects Team Showcase: from n/a through … CWE-79
Cross-site Scripting 		CVE-2025-62745 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2763 4.3 MEDIUM
Network 		- - Missing Authorization vulnerability in Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products allows Exploiting Incorrectly Configured Access Control Security Levels. This issue … CWE-862
 Missing Authorization 		CVE-2026-24527 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2764 4.3 MEDIUM
Network 		- - Cross-Site Request Forgery (CSRF) vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery. This issue affects WPSubscription: from n/a through 1.9.1. CWE-352
 Origin Validation Error 		CVE-2026-24554 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2765 4.3 MEDIUM
Network 		- - Missing Authorization vulnerability in WPPOOL FlexTable allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FlexTable: from n/a through 3.24.0. CWE-862
 Missing Authorization 		CVE-2026-24582 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2766 5.4 MEDIUM
Network 		- - Missing Authorization vulnerability in Themeansar Newses allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Newses: from n/a through 2.0.0.77. CWE-862
 Missing Authorization 		CVE-2026-24586 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2767 5.3 MEDIUM
Network 		- - Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a … CWE-862
 Missing Authorization 		CVE-2026-24592 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2768 4.9 MEDIUM
Network 		- - Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10. CWE-862
 Missing Authorization 		CVE-2026-27346 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2769 5.3 MEDIUM
Network 		- - Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a befor… CWE-862
 Missing Authorization 		CVE-2026-27357 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm
2770 5.3 MEDIUM
Network 		- - Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from … CWE-862
 Missing Authorization 		CVE-2026-27398 2026-05-27 04:31 2026-05-26 Show GitHub Exploit DB Packet Storm