Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242511 4.3 警告 Lucid Crew - Pixie CMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1067 2012-06-26 16:10 2009-03-26 Show GitHub Exploit DB Packet Storm
242512 7.5 危険 Lucid Crew - Pixie CMS の admin/lib/lib_logs.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1066 2012-06-26 16:10 2009-03-26 Show GitHub Exploit DB Packet Storm
242513 7.5 危険 Lucid Crew - Pixie CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1065 2012-06-26 16:10 2009-03-26 Show GitHub Exploit DB Packet Storm
242514 6.8 警告 Saurused - eXeScope におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1063 2012-06-26 16:10 2009-03-26 Show GitHub Exploit DB Packet Storm
242515 5 警告 chaozz - chaozzDB におけるユーザの資格情報を含むデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1053 2012-06-26 16:10 2009-03-24 Show GitHub Exploit DB Packet Storm
242516 5 警告 chaozz - FireAnt におけるユーザの資格情報を含むデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1052 2012-06-26 16:10 2009-03-24 Show GitHub Exploit DB Packet Storm
242517 5 警告 chaozz - FubarForum におけるユーザの資格情報を含むデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1051 2012-06-26 16:10 2009-03-24 Show GitHub Exploit DB Packet Storm
242518 7.5 危険 cdexos - CDex におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1039 2012-06-26 16:10 2009-03-20 Show GitHub Exploit DB Packet Storm
242519 7.5 危険 deluxebb - DeluxeBB の misc.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1033 2012-06-26 16:10 2009-03-20 Show GitHub Exploit DB Packet Storm
242520 9.3 危険 edisys - ediSys eZip Wizard におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1028 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267491 6.1 MEDIUM
Network 		tonjoostudio fluid-responsive-slideshow The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter. CWE-79
Cross-site Scripting 		CVE-2016-10975 2024-11-21 11:45 2019-09-18 Show GitHub Exploit DB Packet Storm
267492 8.8 HIGH
Network 		tonjoostudio fluid-responsive-slideshow The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS. CWE-352
 Origin Validation Error 		CVE-2016-10974 2024-11-21 11:45 2019-09-18 Show GitHub Exploit DB Packet Storm
267493 6.1 MEDIUM
Network 		brafton brafton The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php. CWE-79
Cross-site Scripting 		CVE-2016-10973 2024-11-21 11:45 2019-09-17 Show GitHub Exploit DB Packet Storm
267494 9.8 CRITICAL
Network 		tagdiv newspaper The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. CWE-269
 Improper Privilege Management 		CVE-2016-10972 2024-11-21 11:45 2019-09-17 Show GitHub Exploit DB Packet Storm
267495 9.8 CRITICAL
Network 		membersonic membersonic The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required. CWE-269
 Improper Privilege Management 		CVE-2016-10971 2024-11-21 11:45 2019-09-16 Show GitHub Exploit DB Packet Storm
267496 6.1 MEDIUM
Network 		supportflow_project supportflow The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt. CWE-79
Cross-site Scripting 		CVE-2016-10970 2024-11-21 11:45 2019-09-16 Show GitHub Exploit DB Packet Storm
267497 6.1 MEDIUM
Network 		supportflow_project supportflow The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title. CWE-79
Cross-site Scripting 		CVE-2016-10969 2024-11-21 11:45 2019-09-16 Show GitHub Exploit DB Packet Storm
267498 8.8 HIGH
Network 		peepso peepso The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation. CWE-269
 Improper Privilege Management 		CVE-2016-10968 2024-11-21 11:45 2019-09-16 Show GitHub Exploit DB Packet Storm
267499 6.1 MEDIUM
Network 		creativeinteractivemedia real3d_flipbook The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter. CWE-79
Cross-site Scripting 		CVE-2016-10967 2024-11-21 11:45 2019-09-16 Show GitHub Exploit DB Packet Storm
267500 7.5 HIGH
Network 		creativeinteractivemedia real3d_flipbook The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload. CWE-22
Path Traversal 		CVE-2016-10966 2024-11-21 11:45 2019-09-16 Show GitHub Exploit DB Packet Storm