65 matches found
CVE-2022-24387
With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...
CVE-2022-24387
With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...
CVE-2022-24385
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...
CVE-2022-24386
Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...
CVE-2022-24385
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...
CVE-2022-24387
With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...
Cross site scripting
Cross-site Scripting XSS vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...
Cross site scripting
Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...
Design/Logic Flaw
With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...
Information disclosure
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...
CVE-2022-24387
CVE-2022-24387 affects SmarterTrack v100.0.8019.14010. With administrator privileges, an attacker can trigger overwriting files in the app_data/Config folder, e.g., systemsettings.xml. This is a local/privilege-limited impact described in multiple feeds, with the root cause being write access to ...
CVE-2022-24387 File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010
With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...
CVE-2022-24387 File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010
With administrator or admin privileges the application can be tricked into overwriting files in appdata/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010...
SmarterTools SmarterTrack 跨站脚本漏洞
SmarterTools SmarterTrack is a customer service software from SmarterTools UK. SmarterTools SmarterTrack version 100.0.8019.14010 is vulnerable to a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied data and output. An attacker cou...
CVE-2022-24384
This entry documents a Cross-Site Scripting (XSS) vulnerability in SmarterTools SmarterTrack 100.0.8019.14010. The connected Nuclei template specifies the affected product and condition, confirming an XSS flaw in SmarterTrack. The underlying issue is data validation/output handling that allows ex...
CVE-2022-24384 Reflective XSS on SmarterTrack v100.0.8019.14010
Cross-site Scripting XSS vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...
PT-2022-16662 · Unknown · Smartertrack
Name of the Vulnerable Software and Affected Versions: SmarterTrack version 100.0.8019.14010 Description: The application can be tricked into overwriting files in the app data/Config folder, such as the systemsettings.xml file, with administrator or admin privileges. Recommendations: For...
CVE-2022-24384 Reflective XSS on SmarterTrack v100.0.8019.14010
Cross-site Scripting XSS vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...
CVE-2022-24385
CVE-2022-24385 describes a Direct Object Access vulnerability in SmarterTools SmarterTrack, affecting version 100.0.8019.14010 and leading to information disclosure. The connected documents confirm the affected product and version, and indicate the underlying issue is direct object access, with p...
CVE-2022-24386 Stored XSS in SmarterTrack v100.0.8019.14010
Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010...