彙總 kent-web 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 跨站腳本 等問題,部分漏洞可能導致 工作階段劫持,並影響 軟體部署與生產負載 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2015-0889 | KENT-WEB Joyful Note before 5.3 allows remote attackers to delete files or write to files, and consequently execute arbitrary code, via vectors involving an article. | [email protected] | 7.5 | 2.62% | 2015-02-27 | 2026-06-16 |
| CVE-2015-0888 | KENT-WEB Clip Board before 4.1 allows remote attackers to delete arbitrary files via unspecified vectors. | [email protected] | 6.4 | 1.51% | 2015-02-27 | 2026-06-16 |
| CVE-2014-7258 | Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.19% | 2014-12-05 | 2026-06-16 |
| CVE-2014-0812 | Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.16% | 2014-02-01 | 2026-06-16 |
| CVE-2013-3649 | Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field. | [email protected] | 4.3 | 1.15% | 2013-06-28 | 2026-06-16 |
| CVE-2013-3648 | Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field. | [email protected] | 4.3 | 1.15% | 2013-06-28 | 2026-06-16 |
| CVE-2012-5176 | Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 5.02 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to tag embedding. | [email protected] | 4.3 | 1.15% | 2012-12-06 | 2026-06-16 |
| CVE-2012-5175 | Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to access-log data. | [email protected] | 4.3 | 1.15% | 2012-12-06 | 2026-06-16 |
| CVE-2012-2643 | Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before 6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted form entry. | [email protected] | 4.3 | 1.15% | 2012-07-07 | 2026-06-16 |
| CVE-2012-2637 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie. | [email protected] | 4.3 | 1.15% | 2012-06-19 | 2026-06-16 |
| CVE-2012-2636 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.15% | 2012-06-19 | 2026-06-16 |
| CVE-2011-4172 | Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB FORUM before 5.1 allow remote attackers to inject arbitrary web script or HTML via (1) an e-mail address field or (2) a cookie, a related issue to CVE-2011-3383, CVE-2011-3983, and CVE-2011-3984. | [email protected] | 4.3 | 0.85% | 2011-10-24 | 2026-06-16 |
| CVE-2011-3984 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to "web form entries." | [email protected] | 4.3 | 1.40% | 2011-10-24 | 2026-06-16 |
| CVE-2011-3983 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to cookies. | [email protected] | 4.3 | 1.66% | 2011-10-24 | 2026-06-16 |
| CVE-2011-3383 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to "the web page to be output." | [email protected] | 4.3 | 1.03% | 2011-10-24 | 2026-06-16 |
| CVE-2008-5224 | Cross-site scripting (XSS) vulnerability in Kent Web Mart 1.61 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.06% | 2008-11-25 | 2026-06-16 |