Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 19, 2026, 2 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 252711 | 6.9 | 警告 | Foxit Software Inc | - | Foxit Reader における権限を取得される脆弱性 |
CWE-Other
その他 |
CVE-2011-3691 | 2011-10-4 10:01 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252712 | 6.9 | 警告 | PlotSoft L.L.C. | - | PlotSoft PDFill PDF Editor における権限を取得される脆弱性 |
CWE-Other
その他 |
CVE-2011-3690 | 2011-10-4 10:00 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252713 | 7.5 | 危険 | Sonexis Technology, Inc. | - | Sonexis ConferenceManager における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2011-3688 | 2011-10-4 09:45 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252714 | 4.3 | 警告 | Sonexis Technology, Inc. | - | Sonexis ConferenceManager におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-3687 | 2011-10-3 14:56 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252715 | 4.3 | 警告 | Sonexis Technology, Inc. | - | Sonexis ConferenceManager の myAddressBook.asp におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-3686 | 2011-10-3 14:55 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252716 | 1.9 | 注意 | Tembria | - | Tembria Server Monitor における重要な情報を取得される脆弱性 |
CWE-310
暗号の問題 |
CVE-2011-3685 | 2011-10-3 14:54 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252717 | 4.3 | 警告 | Tembria | - | Tembria Server Monitor におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-3684 | 2011-10-3 14:52 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252718 | 7.5 | 危険 | Newgen Software Technologies Limited | - | Newgen OmniDocs におけるアクセス制限を回避される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2011-3645 | 2011-10-3 14:48 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252719 | 7.5 | 危険 | AliBabaClone.com | - | Alibaba Clone B2B の countrydetails.php におけるSQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-4849 | 2011-09-30 14:24 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 252720 | 4.3 | 警告 | Diferior | - | Diferior におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4850 | 2011-09-30 14:22 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 19, 2026, 4:16 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 253861 | 5.4 |
MEDIUM
Network |
iwcnetwork | biometric_shift_employee_management_system | Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request. |
CWE-79
Cross-site Scripting |
CVE-2017-17994 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253862 | 5.4 |
MEDIUM
Network |
iwcnetwork | biometric_shift_employee_management_system | Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request. |
CWE-79
Cross-site Scripting |
CVE-2017-17993 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253863 | 9.8 |
CRITICAL
Network |
iwcnetwork | biometric_shift_employee_management_system | Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action. |
CWE-22
Path Traversal |
CVE-2017-17992 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253864 | 5.4 |
MEDIUM
Network |
iwcnetwork | biometric_shift_employee_management_system | Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request. |
CWE-79
Cross-site Scripting |
CVE-2017-17991 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253865 | 8.8 |
HIGH
Network |
iwcnetwork | biometric_shift_employee_management_system | Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. |
CWE-352
Origin Validation Error |
CVE-2017-17990 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253866 | 5.4 |
MEDIUM
Network |
iwcnetwork | biometric_shift_employee_management_system | Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action. |
CWE-79
Cross-site Scripting |
CVE-2017-17989 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253867 | 4.8 |
MEDIUM
Network |
muslim_matrimonial_script_project | muslim_matrimonial_script | PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_add.php event_title parameter. |
CWE-79
Cross-site Scripting |
CVE-2017-17988 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253868 | 7.2 |
HIGH
Network |
muslim_matrimonial_script_project | muslim_matrimonial_script | PHP Scripts Mall Muslim Matrimonial Script allows arbitrary file upload via admin/mydetails_edit.php. |
CWE-434
Unrestricted Upload of File with Dangerous Type |
CVE-2017-17987 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253869 | 4.8 |
MEDIUM
Network |
muslim_matrimonial_script_project | muslim_matrimonial_script | PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/caste_view.php comm_id parameter. |
CWE-79
Cross-site Scripting |
CVE-2017-17986 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |
| 253870 | 4.8 |
MEDIUM
Network |
muslim_matrimonial_script_project | muslim_matrimonial_script | PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/state_view.php cou_id parameter. |
CWE-79
Cross-site Scripting |
CVE-2017-17985 | 2024-11-21 12:19 | 2017-12-30 | Show | GitHub Exploit DB Packet Storm |