kent-web 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に vendor risk cross-site scripting などに関し、一部は vendor impact session compromise を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2015-0889 | KENT-WEB Joyful Note before 5.3 allows remote attackers to delete files or write to files, and consequently execute arbitrary code, via vectors involving an article. | [email protected] | 7.5 | 2.62% | 2015-02-28 | 2026-05-06 |
| CVE-2015-0888 | KENT-WEB Clip Board before 4.1 allows remote attackers to delete arbitrary files via unspecified vectors. | [email protected] | 6.4 | 1.51% | 2015-02-28 | 2026-05-06 |
| CVE-2014-7258 | Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.19% | 2014-12-05 | 2026-05-06 |
| CVE-2014-0812 | Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.16% | 2014-02-01 | 2026-04-29 |
| CVE-2013-3649 | Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field. | [email protected] | 4.3 | 1.15% | 2013-06-28 | 2026-04-29 |
| CVE-2013-3648 | Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field. | [email protected] | 4.3 | 1.15% | 2013-06-28 | 2026-04-29 |
| CVE-2012-5176 | Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 5.02 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to tag embedding. | [email protected] | 4.3 | 1.15% | 2012-12-06 | 2026-04-29 |
| CVE-2012-5175 | Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to access-log data. | [email protected] | 4.3 | 1.15% | 2012-12-06 | 2026-04-29 |
| CVE-2012-2643 | Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before 6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted form entry. | [email protected] | 4.3 | 1.15% | 2012-07-07 | 2026-04-29 |
| CVE-2012-2637 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie. | [email protected] | 4.3 | 1.15% | 2012-06-19 | 2026-04-29 |
| CVE-2012-2636 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.15% | 2012-06-19 | 2026-04-29 |
| CVE-2011-4172 | Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB FORUM before 5.1 allow remote attackers to inject arbitrary web script or HTML via (1) an e-mail address field or (2) a cookie, a related issue to CVE-2011-3383, CVE-2011-3983, and CVE-2011-3984. | [email protected] | 4.3 | 0.85% | 2011-10-24 | 2026-04-29 |
| CVE-2011-3984 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to "web form entries." | [email protected] | 4.3 | 1.40% | 2011-10-24 | 2026-04-29 |
| CVE-2011-3983 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to cookies. | [email protected] | 4.3 | 1.66% | 2011-10-24 | 2026-04-29 |
| CVE-2011-3383 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to "the web page to be output." | [email protected] | 4.3 | 1.03% | 2011-10-24 | 2026-04-29 |
| CVE-2008-5224 | Cross-site scripting (XSS) vulnerability in Kent Web Mart 1.61 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.06% | 2008-11-25 | 2026-04-23 |