Lucene search
K

37 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-4670

Malware in sbrugna...

10CVSS6.4AI score0.02004EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-2143

Malware in sbrugna...

5CVSS6.4AI score0.02667EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-4669

Malware in sbrugna...

5CVSS6.4AI score0.0116EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-2147

Malware in sbrugna...

7.5CVSS6.4AI score0.03913EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2011/12/21 12:0 a.m.39 views

SmarterTools SmarterStats Multiple Vulnerabilities

This host is SmarterTools SmarterStats and is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.9AI score0.02004EPSS
Exploits0References2
NVD
NVD
added 2011/12/16 11:55 a.m.14 views

CVE-2011-4752

SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving frmCustomReport.aspx and certain other files. NOTE: it is possible that only clients,...

10CVSS6.7AI score0.02004EPSS
Exploits0References2
NVD
NVD
added 2011/12/16 11:55 a.m.17 views

CVE-2011-4751

SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading 1 web-server access logs or 2 web-server Referer logs,...

5CVSS6.1AI score0.0116EPSS
Exploits0References2
Prion
Prion
added 2011/12/16 11:55 a.m.18 views

Design/Logic Flaw

SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving frmCustomReport.aspx and certain other files. NOTE: it is possible that only clients,...

10CVSS7.2AI score0.02004EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2011/12/16 11:0 a.m.43 views

CVE-2011-4751

CVE-2011-4751 affects SmarterTools SmarterStats 6.2.4100. The issue arises when responses to GET requests with query strings for frmGettingStarted.aspx generate pages containing external links, enabling cross-domain Referer leakage. This can let remote attackers read web-server access logs or web...

5CVSS6.3AI score0.0116EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2011/05/20 10:55 p.m.20 views

CVE-2011-2158

The SmarterTools SmarterStats 6.0 web server sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving 1 Admin/frmSite.aspx, 2 Admin/frmSites.aspx, 3 Admin/frmViewReports.aspx, 4...

10CVSS6.7AI score0.04384EPSS
Exploits0References5
NVD
NVD
added 2011/05/20 10:55 p.m.18 views

CVE-2011-2159

The SmarterTools SmarterStats 6.0 web server omits the Content-Type header for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving 1 Admin/Defaults/frmDefaultSiteSettings.aspx, 2...

10CVSS6.7AI score0.04377EPSS
Exploits0References4
NVD
NVD
added 2011/05/20 10:55 p.m.16 views

CVE-2011-2152

The SmarterTools SmarterStats 6.0 web server generates web pages containing external links in response to GET requests with query strings for 1 Client/frmViewReports.aspx or 2 UserControls/Popups/frmHelp.aspx, which makes it easier for remote attackers to obtain sensitive information by reading a...

5CVSS6.1AI score0.0264EPSS
Exploits0References4
NVD
NVD
added 2011/05/20 10:55 p.m.18 views

CVE-2011-2155

Login.aspx in the SmarterTools SmarterStats 6.0 web server generates a ctl00$MPH$txtPassword password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation...

7.5CVSS7AI score0.03913EPSS
Exploits0References5
NVD
NVD
added 2011/05/20 10:55 p.m.18 views

CVE-2011-2154

login.aspx in the SmarterTools SmarterStats 6.0 web server does not include the HTTPOnly flag in a Set-Cookie header for the loginsettings cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

5CVSS6.1AI score0.02667EPSS
Exploits0References5
NVD
NVD
added 2011/05/20 10:55 p.m.18 views

CVE-2011-2151

The 1 Admin/frmEmailReportSettings.aspx, 2 Admin/frmGeneralSettings.aspx, 3 Admin/frmSite.aspx, 4 Client/frmUser.aspx, and 5 Login.aspx components in the SmarterTools SmarterStats 6.0 web server accept cleartext passwords, which makes it easier for remote attackers to obtain sensitive information...

5CVSS6.2AI score0.02667EPSS
Exploits0References5
NVD
NVD
added 2011/05/20 10:55 p.m.16 views

CVE-2011-2150

The SmarterTools SmarterStats 6.0 web server does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service parsing error and daemon pause via vectors involving 1 certain cookies in a SiteInfoLookup action to...

5CVSS6.7AI score0.03024EPSS
Exploits0References4
NVD
NVD
added 2011/05/20 10:55 p.m.15 views

CVE-2011-2149

Multiple SQL injection vulnerabilities in the SmarterTools SmarterStats 6.0 web server allow remote attackers to execute arbitrary SQL commands via certain parameters to 1 Admin/frmSite.aspx, 2 Default.aspx, 3 Services/SiteAdmin.asmx, or 4 Client/frmViewReports.aspx; certain cookies to 5...

7.5CVSS8.5AI score0.0235EPSS
Exploits0References4
NVD
NVD
added 2011/05/20 10:55 p.m.16 views

CVE-2011-2156

The SmarterTools SmarterStats 6.0 web server allows remote attackers to obtain directory listings via a direct request for the 1 Admin/, 2 Admin/Defaults/, 3 Admin/GettingStarted/, 4 Admin/Popups/, 5 AppThemes/, 6 Client/, 7 Client/Popups/, 8 Services/, 9 Temp/, 10 UserControls/, 11...

5CVSS6.6AI score0.0264EPSS
Exploits0References4
Prion
Prion
added 2011/05/20 10:55 p.m.14 views

Command injection

Admin/frmSite.aspx in the SmarterTools SmarterStats 6.0 web server allows remote attackers to execute arbitrary commands via vectors involving a leading and trailing & ampersand character, and 1 an STTTState cookie, 2 the ctl00%24MPH%24txtAdminNewPasswordSettingText parameter, 3 the...

10CVSS8.3AI score0.05321EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2011/05/20 10:55 p.m.15 views

Design/Logic Flaw

The SmarterTools SmarterStats 6.0 web server does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service parsing error and daemon pause via vectors involving 1 certain cookies in a SiteInfoLookup action to...

5CVSS7.3AI score0.03024EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder