Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241741	6.8	警告	Atlassian	-	Atlassian JIRA Enterprise Edition におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-6832	2012-06-26 16:10	2009-06-8	Show	GitHub Exploit DB Packet Storm

241742	4.3	警告	Atlassian	-	Atlassian JIRA Enterprise Edition におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6831	2012-06-26 16:10	2009-06-8	Show	GitHub Exploit DB Packet Storm

241743	10	危険	a-link	-	A-LINK のWL54AP3 および WL54AP2 の管理インタフェースにおけるアクセス権を取得される脆弱性	CWE-310 暗号の問題	CVE-2008-6824	2012-06-26 16:10	2009-06-4	Show	GitHub Exploit DB Packet Storm

241744	6.8	警告	a-link	-	A-LINK のWL54AP3 および WL54AP2 の管理インタフェースにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-6823	2012-06-26 16:10	2009-06-4	Show	GitHub Exploit DB Packet Storm

241745	10	危険	Eaton	-	Eaton MGEOPS Network Shutdown Module における任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2008-6816	2012-06-26 16:10	2009-05-28	Show	GitHub Exploit DB Packet Storm

241746	4	警告	シトリックス・システムズ	-	Citrix Web Interface for Java Application Servers のセッション切断機能におけるユーザの Web インターフェースセッションへのアクセス権を取得される脆弱性	CWE-Other その他	CVE-2008-6830	2012-06-26 16:10	2008-10-24	Show	GitHub Exploit DB Packet Storm

241747	7.5	危険	bookingcentre	-	Venalsur Booking Centre Booking System の admin/checklogin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6810	2012-06-26 16:10	2009-05-18	Show	GitHub Exploit DB Packet Storm

241748	7.5	危険	bookingcentre	-	Hotels Group の Venalsur Booking Centre Booking System の hotel_habitaciones.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6809	2012-06-26 16:10	2009-05-18	Show	GitHub Exploit DB Packet Storm

241749	6.8	警告	7-shop	-	7Shop の includes/imageupload.php における任意のファイルを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-6806	2012-06-26 16:10	2009-05-12	Show	GitHub Exploit DB Packet Storm

241750	6.8	警告	DFLabs	-	DFLabs PTK の lib/file_content.php の get_file_type 関数における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-6793	2012-06-26 16:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
268241	7.5	HIGH Network	getawesomesupport	awesome_support	The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are allowed in replies.	CWE-254 7PK - Security Features	CVE-2015-9318	2024-11-21 11:40	2019-08-21	Show	GitHub Exploit DB Packet Storm

268242	6.1	MEDIUM Network	getawesomesupport	awesome_support	The awesome-support plugin before 3.1.7 for WordPress has XSS via custom information messages.	CWE-79 Cross-site Scripting	CVE-2015-9317	2024-11-21 11:40	2019-08-21	Show	GitHub Exploit DB Packet Storm

268243	9.8	CRITICAL Network	sandhillsdev	easy_digital_downloads	The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection.	CWE-89 SQL Injection	CVE-2015-9324	2024-11-21 11:40	2019-08-17	Show	GitHub Exploit DB Packet Storm

268244	9.8	CRITICAL Network	duckdev	404_to_301	The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.	CWE-89 SQL Injection	CVE-2015-9323	2024-11-21 11:40	2019-08-17	Show	GitHub Exploit DB Packet Storm

268245	8.8	HIGH Network	erident_custom_login_and_dashboard_project	erident_custom_login_and_dashboard	The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF.	CWE-352 Origin Validation Error	CVE-2015-9322	2024-11-21 11:40	2019-08-17	Show	GitHub Exploit DB Packet Storm

268246	9.8	CRITICAL Network	wpbusinessintelligence	wp_business_intelligence	The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection.	CWE-89 SQL Injection	CVE-2015-9326	2024-11-21 11:40	2019-08-16	Show	GitHub Exploit DB Packet Storm

268247	9.8	CRITICAL Network	bestwebsoft	visitors_online	The visitors-online plugin before 0.4 for WordPress has SQL injection.	CWE-89 SQL Injection	CVE-2015-9325	2024-11-21 11:40	2019-08-16	Show	GitHub Exploit DB Packet Storm

268248	9.8	CRITICAL Network	tipsandtricks-hq	all_in_one_wp_security_\&_firewall	The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.	CWE-89 SQL Injection	CVE-2015-9310	2024-11-21 11:40	2019-08-15	Show	GitHub Exploit DB Packet Storm

268249	8.8	HIGH Network	flippercode	wp_google_map	The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature.	CWE-352 Origin Validation Error	CVE-2015-9309	2024-11-21 11:40	2019-08-15	Show	GitHub Exploit DB Packet Storm

268250	8.8	HIGH Network	flippercode	wp_google_map	The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature.	CWE-352 Origin Validation Error	CVE-2015-9308	2024-11-21 11:40	2019-08-15	Show	GitHub Exploit DB Packet Storm