Vulnerabilities > Smartertools
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-17 | CVE-2020-29548 | Command Injection vulnerability in Smartertools Smartermail An issue was discovered in SmarterTools SmarterMail through 100.0.7537. | 6.8 |
2021-07-06 | CVE-2021-32233 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail before Build 7776 allows XSS. | 4.3 |
2019-04-24 | CVE-2019-7214 | Deserialization of Untrusted Data vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. | 9.8 |
2019-04-24 | CVE-2019-7213 | Path Traversal vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. | 5.5 |
2019-04-24 | CVE-2019-7212 | Use of Hard-coded Credentials vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys. | 6.4 |
2019-04-24 | CVE-2019-7211 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 6995 has stored XSS. | 4.3 |
2019-01-16 | CVE-2015-9276 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS by bypassing the anti-XSS mechanisms. | 4.3 |
2017-09-30 | CVE-2017-14620 | Cross-site Scripting vulnerability in Smartertools Smarterstats 11.3.6347 SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data/Reports/ReferringURLsWithQueries resulting in Stored Cross Site Scripting. | 4.3 |
2012-09-19 | CVE-2012-2578 | Cross-Site Scripting vulnerability in Smartertools Smartermail 9.2 Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a JavaScript alert function used in conjunction with the fromCharCode method, (2) a SCRIPT element, (3) a Cascading Style Sheets (CSS) expression property in the STYLE attribute of an arbitrary element, or (4) an innerHTML attribute within an XML document. | 4.3 |
2011-12-16 | CVE-2011-4752 | Unspecified vulnerability in Smartertools Smarterstats 6.2.4100 SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving frmCustomReport.aspx and certain other files. | 10.0 |