Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241921 7.5 危険 accscripts - Acc Autos における管理アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6292 2012-06-26 16:10 2009-02-26 Show GitHub Exploit DB Packet Storm
241922 7.5 危険 accscripts - Acc PHP eMail における管理アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6291 2012-06-26 16:10 2009-02-26 Show GitHub Exploit DB Packet Storm
241923 7.5 危険 getmiro - Broadcast Machine における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6287 2012-06-26 16:10 2009-02-25 Show GitHub Exploit DB Packet Storm
241924 7.5 危険 Activewebsoftwares - Active Newsletter の SubscriberStart.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6286 2012-06-26 16:10 2009-02-25 Show GitHub Exploit DB Packet Storm
241925 7.5 危険 businessvein - PHP TV Portal の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6285 2012-06-26 16:10 2009-02-25 Show GitHub Exploit DB Packet Storm
241926 7.5 危険 1scripts - Z1Exchange の edit.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6284 2012-06-26 16:10 2009-02-25 Show GitHub Exploit DB Packet Storm
241927 7.5 危険 bluocms - Bluo CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6281 2012-06-26 16:10 2009-02-25 Show GitHub Exploit DB Packet Storm
241928 7.5 危険 appstate - Appalachian State University phpWebSite の links.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6266 2012-06-26 16:10 2009-02-25 Show GitHub Exploit DB Packet Storm
241929 6.8 警告 cyberfolio - Cyberfolio の portfolio/css.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6265 2012-06-26 16:10 2009-02-24 Show GitHub Exploit DB Packet Storm
241930 7.5 危険 e-topbiz - E-topbiz Slide Popups の admin/admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6264 2012-06-26 16:10 2009-02-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268141 7.5 HIGH
Network 		getawesomesupport awesome_support The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are allowed in replies. CWE-254
 7PK - Security Features 		CVE-2015-9318 2024-11-21 11:40 2019-08-21 Show GitHub Exploit DB Packet Storm
268142 6.1 MEDIUM
Network 		getawesomesupport awesome_support The awesome-support plugin before 3.1.7 for WordPress has XSS via custom information messages. CWE-79
Cross-site Scripting 		CVE-2015-9317 2024-11-21 11:40 2019-08-21 Show GitHub Exploit DB Packet Storm
268143 9.8 CRITICAL
Network 		sandhillsdev easy_digital_downloads The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection. CWE-89
SQL Injection 		CVE-2015-9324 2024-11-21 11:40 2019-08-17 Show GitHub Exploit DB Packet Storm
268144 9.8 CRITICAL
Network 		duckdev 404_to_301 The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection. CWE-89
SQL Injection 		CVE-2015-9323 2024-11-21 11:40 2019-08-17 Show GitHub Exploit DB Packet Storm
268145 8.8 HIGH
Network 		erident_custom_login_and_dashboard_project erident_custom_login_and_dashboard The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF. CWE-352
 Origin Validation Error 		CVE-2015-9322 2024-11-21 11:40 2019-08-17 Show GitHub Exploit DB Packet Storm
268146 9.8 CRITICAL
Network 		wpbusinessintelligence wp_business_intelligence The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection. CWE-89
SQL Injection 		CVE-2015-9326 2024-11-21 11:40 2019-08-16 Show GitHub Exploit DB Packet Storm
268147 9.8 CRITICAL
Network 		bestwebsoft visitors_online The visitors-online plugin before 0.4 for WordPress has SQL injection. CWE-89
SQL Injection 		CVE-2015-9325 2024-11-21 11:40 2019-08-16 Show GitHub Exploit DB Packet Storm
268148 9.8 CRITICAL
Network 		tipsandtricks-hq all_in_one_wp_security_\&_firewall The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues. CWE-89
SQL Injection 		CVE-2015-9310 2024-11-21 11:40 2019-08-15 Show GitHub Exploit DB Packet Storm
268149 8.8 HIGH
Network 		flippercode wp_google_map The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature. CWE-352
 Origin Validation Error 		CVE-2015-9309 2024-11-21 11:40 2019-08-15 Show GitHub Exploit DB Packet Storm
268150 8.8 HIGH
Network 		flippercode wp_google_map The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature. CWE-352
 Origin Validation Error 		CVE-2015-9308 2024-11-21 11:40 2019-08-15 Show GitHub Exploit DB Packet Storm