Vulnerabilities > Smartertools

DATE CVE VULNERABILITY TITLE RISK
2021-09-08 CVE-2021-40377 Cross-site Scripting vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 7866 has stored XSS.
3.5
2021-08-17 CVE-2020-29548 Command Injection vulnerability in Smartertools Smartermail
An issue was discovered in SmarterTools SmarterMail through 100.0.7537.
6.8
2021-07-06 CVE-2021-32233 Cross-site Scripting vulnerability in Smartertools Smartermail
SmarterTools SmarterMail before Build 7776 allows XSS.
4.3
2019-04-24 CVE-2019-7214 Deserialization of Untrusted Data vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data.
network
low complexity
smartertools CWE-502
critical
10.0
2019-04-24 CVE-2019-7213 Path Traversal vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 6985 allows directory traversal.
network
low complexity
smartertools CWE-22
5.5
2019-04-24 CVE-2019-7212 Use of Hard-coded Credentials vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys.
network
low complexity
smartertools CWE-798
6.4
2019-04-24 CVE-2019-7211 Cross-site Scripting vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 6995 has stored XSS.
4.3
2019-01-16 CVE-2015-9276 Cross-site Scripting vulnerability in Smartertools Smartermail
SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS by bypassing the anti-XSS mechanisms.
4.3
2017-09-30 CVE-2017-14620 Cross-site Scripting vulnerability in Smartertools Smarterstats 11.3.6347
SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data/Reports/ReferringURLsWithQueries resulting in Stored Cross Site Scripting.
4.3
2012-09-19 CVE-2012-2578 Cross-Site Scripting vulnerability in Smartertools Smartermail 9.2
Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a JavaScript alert function used in conjunction with the fromCharCode method, (2) a SCRIPT element, (3) a Cascading Style Sheets (CSS) expression property in the STYLE attribute of an arbitrary element, or (4) an innerHTML attribute within an XML document.
4.3