smartertools

Top products

The 15 most recently published vulnerabilities affecting smartertools.

• CVE-2026-7807SmarterTools SmarterMail < Build 9560 Server Local File Inclusion via the /api/v1/report/summary/{type} API8.1May 8, 2026
• CVE-2026-40514SmarterTools SmarterMail < Build 9610 Cryptographic Weakness via Weak RNG5.9Apr 27, 2026
• CVE-2026-26930SmarterTools SmarterMail before 9526 allows XSS via MAPI requests.7.2Feb 16, 2026
• CVE-2026-25067SmarterTools SmarterMail < Build 9518 Unauthenticated background-of-the-day Path Coercion5.3Jan 29, 2026
• CVE-2026-24423SmarterTools SmarterMail < Build 9511 Unauthenticated RCE via ConnectToHub APIKEV9.8Jan 23, 2026
• CVE-2026-23760SmarterTools SmarterMail < Build 9511 Authentication Bypass via Password Reset APIKEV9.8Jan 22, 2026
• CVE-2020-36926SmarterTools SmarterTrack 7922 -Information Disclosure7.5Jan 15, 2026
• CVE-2025-52691Upload Arbitrary FilesKEV10.0Dec 29, 2025
• CVE-2023-48116SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment.5.4Dec 21, 2023
• CVE-2023-48115SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request.5.4Dec 21, 2023
• CVE-2023-48114SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, bu...5.4Dec 21, 2023
• CVE-2022-24387File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.140109.1Mar 14, 2022
• CVE-2022-24386Stored XSS in SmarterTrack v100.0.8019.140108.8Mar 14, 2022
• CVE-2022-24385Information disclosure via direct object access on SmarterTrack v100.0.8019.140106.5Mar 14, 2022
• CVE-2022-24384Reflective XSS on SmarterTrack v100.0.8019.140108.8Mar 14, 2022