Lucene search
K

197 matches found

ATTACKERKB
ATTACKERKB
added 2022/03/11 11:0 p.m.4 views

CVE-2022-24385

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

6.5CVSS6.6AI score0.00842EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2021/11/21 12:0 a.m.22 views

SmarterMail Cross-Site Scripting Vulnerability

SmarterMail is a mail server software from Smartertools, Inc. The software supports spam filtering, statistics, and simple mail transfer protocol SMTP authentication.SmarterMail has a cross-site scripting vulnerability in 16.x through 100.x. The vulnerability stems from a lack of data validation...

6.1CVSS1.7AI score0.00568EPSS
Exploits0References1
NVD
NVD
added 2021/11/17 5:15 p.m.17 views

CVE-2021-43977

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS...

6.1CVSS0.00568EPSS
Exploits0References2
OSV
OSV
added 2021/11/17 5:15 p.m.3 views

CVE-2021-43977

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS...

6.1CVSS6.4AI score0.00568EPSS
Exploits0References2
OSV
OSV
added 2021/11/17 5:15 p.m.2 views

CVE-2021-32234

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution...

9.8CVSS6AI score0.02089EPSS
Exploits0References2
NVD
NVD
added 2021/11/17 5:15 p.m.16 views

CVE-2021-32234

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution...

9.8CVSS0.02089EPSS
Exploits0References2
Prion
Prion
added 2021/11/17 5:15 p.m.24 views

Remote code execution

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution...

7.5CVSS9.7AI score0.02089EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/11/17 4:54 p.m.49 views

CVE-2021-43977

The CVE-2021-43977 entry concerns SmarterTools SmarterMail 16.x through 100.x, prior to 100.0.7803, with a Cross-Site Scripting (XSS) vulnerability. The root cause is insufficient validation/filtering of user-supplied data, enabling malicious script execution in the client browser. Affected compo...

6.1CVSS6.2AI score0.00568EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/11/17 4:54 p.m.15 views

CVE-2021-43977

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS...

6.5AI score0.00568EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/11/17 4:54 p.m.22 views

CVE-2021-32234

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution...

10AI score0.02089EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2021/09/24 12:0 a.m.254 views

SmarterTools SmarterTrack 7922 Information Disclosure

Exploit Title: SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure Google Dork: intext:"Powered by SmarterTrack" Date: 23/01/2020 Exploit Author: Andrei Manole Vendor Homepage: https://www.smartertools.com/ Software Link: https://www.smartertools.com/smartertrack Version: TESTED ON...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/09/24 12:0 a.m.180 views

SmarterTools SmarterTrack 7922 - (Multiple) Information Disclosure Vulnerability

Exploit Title: SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure Google Dork: intext:"Powered by SmarterTrack" Date: 23/01/2020 Exploit Author: Andrei Manole Vendor Homepage: https://www.smartertools.com/ Software Link: https://www.smartertools.com/smartertrack Version: TESTED ON...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/24 12:0 a.m.195 views

SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure

Exploit Title: SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure Google Dork: intext:"Powered by SmarterTrack" Date: 23/01/2020 Exploit Author: Andrei Manole Vendor Homepage: https://www.smartertools.com/ Software Link: https://www.smartertools.com/smartertrack Version: TESTED ON...

7.4AI score
Exploits0
OSV
OSV
added 2021/09/08 11:15 a.m.3 views

CVE-2021-40377

SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application...

5.4CVSS5.8AI score0.00466EPSS
Exploits0References1
Prion
Prion
added 2021/09/08 11:15 a.m.15 views

Cross site scripting

SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application...

3.5CVSS5.4AI score0.00466EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/09/08 10:57 a.m.58 views

CVE-2021-40377

The CVE-2021-40377 entry affects SmarterTools SmarterMail 16.x prior to build 7866, where stored XSS occurs because the application fails to sanitize email content. This allows injected HTML/JavaScript to be stored and later processed by the app. The available connected documents confirm the prod...

5.4CVSS5.4AI score0.00466EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/08 10:57 a.m.23 views

CVE-2021-40377

SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application...

5.6AI score0.00466EPSS
Exploits0References1
NVD
NVD
added 2021/08/17 6:15 p.m.24 views

CVE-2020-29548

An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session...

8.1CVSS0.01127EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/17 5:16 p.m.22 views

CVE-2020-29548

An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session...

8.2AI score0.01127EPSS
Exploits0References2
CVE
CVE
added 2021/08/17 5:16 p.m.54 views

CVE-2020-29548

SmarterMail (SmarterTools) up to v100.0.7537 is affected. In this CVE, a meddler-in-the-middle can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session. The issue is described across multiple sources (NVD entry for CVE-2020-29548 and vendor refe...

8.1CVSS8AI score0.01127EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder