Vulnerabilities > Smartertools > Smartertrack
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-14 | CVE-2022-24384 | Cross-site Scripting vulnerability in Smartertools Smartertrack Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 4.3 |
| 2022-03-14 | CVE-2022-24385 | Forced Browsing vulnerability in Smartertools Smartertrack A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 4.0 |
| 2022-03-14 | CVE-2022-24386 | Cross-site Scripting vulnerability in Smartertools Smartertrack Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 6.1 |
| 2022-03-14 | CVE-2022-24387 | Unrestricted Upload of File with Dangerous Type vulnerability in Smartertools Smartertrack With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. | 7.2 |
| 2010-08-25 | CVE-2009-4995 | Cross-Site Scripting vulnerability in Smartertools Smartertrack Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the email address field. | 4.3 |
| 2010-08-25 | CVE-2009-4994 | Cross-Site Scripting vulnerability in Smartertools Smartertrack Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |