Smartertrack
by Smartertools
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-24384 | 0.04 | — | 0.04 | Mar 14, 2022 | Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | |||
| CVE-2020-36926 | 0.00 | — | 0.00 | Jan 15, 2026 | SmarterTrack 7922 contains an information disclosure vulnerability in the Chat Management search form that reveals agent identification details. Attackers can access the vulnerable /Management/Chat/frmChatSearch.aspx endpoint to retrieve agents' first and last names along with… | |||
| CVE-2022-24387 | 0.00 | — | 0.01 | Mar 14, 2022 | With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010 | |||
| CVE-2022-24386 | 0.00 | — | 0.01 | Mar 14, 2022 | Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | |||
| CVE-2022-24385 | 0.00 | — | 0.01 | Mar 14, 2022 | A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | |||
| CVE-2009-4995 | 0.00 | — | 0.01 | Aug 25, 2010 | Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the email address field. NOTE: the provenance of this information is unknown; the details are obtained… | |||
| CVE-2009-4994 | 0.00 | — | 0.01 | Aug 25, 2010 | Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the search parameter. |
- CVE-2022-24384Mar 14, 2022risk 0.04cvss —epss 0.04
Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.
- CVE-2020-36926Jan 15, 2026risk 0.00cvss —epss 0.00
SmarterTrack 7922 contains an information disclosure vulnerability in the Chat Management search form that reveals agent identification details. Attackers can access the vulnerable /Management/Chat/frmChatSearch.aspx endpoint to retrieve agents' first and last names along with…
- CVE-2022-24387Mar 14, 2022risk 0.00cvss —epss 0.01
With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010
- CVE-2022-24386Mar 14, 2022risk 0.00cvss —epss 0.01
Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.
- CVE-2022-24385Mar 14, 2022risk 0.00cvss —epss 0.01
A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.
- CVE-2009-4995Aug 25, 2010risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the email address field. NOTE: the provenance of this information is unknown; the details are obtained…
- CVE-2009-4994Aug 25, 2010risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in frmKBSearch.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the search parameter.