Vulnerabilities > Smartertools

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2020-29548 Command Injection vulnerability in Smartertools Smartermail
An issue was discovered in SmarterTools SmarterMail through 100.0.7537.
network
high complexity
smartertools CWE-77
8.1
2021-07-06 CVE-2021-32233 Cross-site Scripting vulnerability in Smartertools Smartermail
SmarterTools SmarterMail before Build 7776 allows XSS.
network
low complexity
smartertools CWE-79
6.1
2019-04-24 CVE-2019-7214 Deserialization of Untrusted Data vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data.
network
low complexity
smartertools CWE-502
critical
9.8
2019-04-24 CVE-2019-7213 Path Traversal vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 6985 allows directory traversal.
network
low complexity
smartertools CWE-22
6.5
2019-04-24 CVE-2019-7212 Use of Hard-coded Credentials vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys.
network
low complexity
smartertools CWE-798
8.2
2019-04-24 CVE-2019-7211 Cross-site Scripting vulnerability in Smartertools Smartermail
SmarterTools SmarterMail 16.x before build 6995 has stored XSS.
network
low complexity
smartertools CWE-79
6.1
2019-01-16 CVE-2015-9276 Cross-site Scripting vulnerability in Smartertools Smartermail
SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS by bypassing the anti-XSS mechanisms.
network
low complexity
smartertools CWE-79
6.1
2017-09-30 CVE-2017-14620 Cross-site Scripting vulnerability in Smartertools Smarterstats 11.3.6347
SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data/Reports/ReferringURLsWithQueries resulting in Stored Cross Site Scripting.
network
low complexity
smartertools CWE-79
6.1