CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24384 – Reflective XSS on SmarterTrack v100.0.8019.14010
https://notcve.org/view.php?id=CVE-2022-24384
14 Mar 2022 — Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. Una vulnerabilidad de tipo Cross-site Scripting (XSS) en SmarterTools SmarterTrack Este problema afecta a: SmarterTools SmarterTrack versión 100.0.8019.14010 • https://csirt.divd.nl/CVE-2022-24384 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24385 – Information disclosure via direct object access on SmarterTrack v100.0.8019.14010
https://notcve.org/view.php?id=CVE-2022-24385
14 Mar 2022 — A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. Una vulnerabilidad de Acceso Directo a Objetos en SmarterTools SmarterTrack conlleva a una divulgación de información Este problema afecta a: SmarterTools SmarterTrack versión 100.0.8019.14010 • https://csirt.divd.nl/CVE-2022-24385 • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24386 – Stored XSS in SmarterTrack v100.0.8019.14010
https://notcve.org/view.php?id=CVE-2022-24386
14 Mar 2022 — Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. Una vulnerabilidad de tipo XSS almacenado en SmarterTools SmarterTrack Este problema afecta a: SmarterTools SmarterTrack versión 100.0.8019.14010 • https://csirt.divd.nl/CVE-2022-24386 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 22EXPL: 0CVE-2009-4994
https://notcve.org/view.php?id=CVE-2009-4994
25 Aug 2010 — Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the search parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en frmKBSearch.aspx en SmarterTools, SmarterTrack anterior a v4.0.3504 permite a atacantes remotos inyectar código web o HTML a través del parámetro de búsqueda. • http://holisticinfosec.org/content/view/123/45 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 22EXPL: 0CVE-2009-4995
https://notcve.org/view.php?id=CVE-2009-4995
25 Aug 2010 — Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the email address field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en frmTickets.aspx en SmarterTools SmarterTrack anterior a v4.0.3504 permite a atacantes remotos inyectar secuencias de c... • http://secunia.com/advisories/36172 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •