Lucene search
K

65 matches found

NVD
NVD
added 2022/03/14 1:15 p.m.33 views

CVE-2022-24387

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

9.1CVSS0.02026EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/03/14 1:15 p.m.18 views

CVE-2022-24387

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

9.1CVSS7AI score0.02026EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/03/14 1:15 p.m.12 views

CVE-2022-24385

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

6.5CVSS0.00863EPSS
Exploits0References2
NVD
NVD
added 2022/03/14 1:15 p.m.20 views

CVE-2022-24386

Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

8.8CVSS0.00697EPSS
Exploits0References2
OSV
OSV
added 2022/03/14 1:15 p.m.4 views

CVE-2022-24385

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

6.5CVSS5.8AI score0.00863EPSS
Exploits0References2
OSV
OSV
added 2022/03/14 1:15 p.m.6 views

CVE-2022-24387

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

7.2CVSS5.8AI score0.02026EPSS
Exploits0References3
Prion
Prion
added 2022/03/14 1:15 p.m.13 views

Cross site scripting

Cross-site Scripting XSS vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

4.3CVSS5.9AI score0.04737EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/03/14 1:15 p.m.12 views

Cross site scripting

Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

3.5CVSS5.2AI score0.00697EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/03/14 1:15 p.m.15 views

Design/Logic Flaw

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

6.5CVSS6.9AI score0.02026EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/03/14 1:15 p.m.12 views

Information disclosure

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

4CVSS6.2AI score0.00863EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/03/14 12:15 p.m.115 views

CVE-2022-24387

CVE-2022-24387 affects SmarterTrack v100.0.8019.14010. With administrator privileges, an attacker can trigger overwriting files in the app_data/Config folder, e.g., systemsettings.xml. This is a local/privilege-limited impact described in multiple feeds, with the root cause being write access to ...

9.1CVSS7.5AI score0.02026EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/03/14 12:15 p.m.25 views

CVE-2022-24387 File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

9.1CVSS9.4AI score0.02026EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/03/14 12:15 p.m.15 views

CVE-2022-24387 File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010

With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...

9.1CVSS6.9AI score0.02026EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/14 12:0 a.m.3 views

SmarterTools SmarterTrack 跨站脚本漏洞

SmarterTools SmarterTrack is a customer service software from SmarterTools UK. SmarterTools SmarterTrack version 100.0.8019.14010 is vulnerable to a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied data and output. An attacker cou...

8.8CVSS5.6AI score0.04737EPSS
Exploits0References3
CVE
CVE
added 2022/03/14 12:0 a.m.127 views

CVE-2022-24384

This entry documents a Cross-Site Scripting (XSS) vulnerability in SmarterTools SmarterTrack 100.0.8019.14010. The connected Nuclei template specifies the affected product and condition, confirming an XSS flaw in SmarterTrack. The underlying issue is data validation/output handling that allows ex...

8.8CVSS6.1AI score0.04737EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/14 12:0 a.m.20 views

CVE-2022-24384 Reflective XSS on SmarterTrack v100.0.8019.14010

Cross-site Scripting XSS vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

8.8CVSS8.1AI score0.04737EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/03/14 12:0 a.m.12 views

PT-2022-16662 · Unknown · Smartertrack

Name of the Vulnerable Software and Affected Versions: SmarterTrack version 100.0.8019.14010 Description: The application can be tricked into overwriting files in the app data/Config folder, such as the systemsettings.xml file, with administrator or admin privileges. Recommendations: For...

9.1CVSS6.9AI score0.02026EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2022/03/14 12:0 a.m.13 views

CVE-2022-24384 Reflective XSS on SmarterTrack v100.0.8019.14010

Cross-site Scripting XSS vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

8.8CVSS5.9AI score0.04737EPSS
Exploits0References2
CVE
CVE
added 2022/03/14 12:0 a.m.122 views

CVE-2022-24385

CVE-2022-24385 describes a Direct Object Access vulnerability in SmarterTools SmarterTrack, affecting version 100.0.8019.14010 and leading to information disclosure. The connected documents confirm the affected product and version, and indicate the underlying issue is direct object access, with p...

6.5CVSS6.2AI score0.00863EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/14 12:0 a.m.26 views

CVE-2022-24386 Stored XSS in SmarterTrack v100.0.8019.14010

Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...

8.8CVSS8.3AI score0.00697EPSS
Exploits0References2
Rows per page
Query Builder