Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
Max CVSS
4.3
EPSS Score
0.14%
Published
2010-08-25
Updated
2010-08-26
Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the email address field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
4.3
EPSS Score
0.14%
Published
2010-08-25
Updated
2010-08-26
Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.
Max CVSS
8.8
EPSS Score
0.08%
Published
2022-03-14
Updated
2022-03-19
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.
Max CVSS
6.5
EPSS Score
0.10%
Published
2022-03-14
Updated
2022-03-19
Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.
Max CVSS
8.8
EPSS Score
0.06%
Published
2022-03-14
Updated
2022-03-19
With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010
Max CVSS
9.1
EPSS Score
0.12%
Published
2022-03-14
Updated
2022-03-19
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!