Vulnerabilities > Smartertools > Smarterstats > 6.2.4100
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-12-16 | CVE-2011-4752 | Unspecified vulnerability in Smartertools Smarterstats 6.2.4100 SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving frmCustomReport.aspx and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4751 | Information Exposure vulnerability in Smartertools Smarterstats 6.2.4100 SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue. | 5.0 |
2011-12-16 | CVE-2011-4750 | Cross-Site Scripting vulnerability in Smartertools Smarterstats 6.2.4100 Multiple cross-site scripting (XSS) vulnerabilities in SmarterTools SmarterStats 6.2.4100 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Default.aspx and certain other files. | 4.3 |