CVE-2010-3486

Published: 22/09/2010 | Updated: 17/08/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 515
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote malicious users to read arbitrary files via a (1) ../ (dot dot slash), (2) %5C (encoded backslash), or (3) %255c (double-encoded backslash) in the name parameter.

Vulnerable Product

smartertools smartermail 7.1.3876

Exploits

# Note: Fixed by the vendor in version 7.2.3925 # www.smartertools.com/smartermail/releasenotes/v7.aspx Vendor: smartertools.com SmarterMail 7.x (7.1.3876) | Bug: Directory Traversal, OS Command Injection, Other Critical Vulns # Vendor: smartertools.com Smarte ...
Author: Hoyt LLC Research | xsscx | cloudscan.me Identified: October 28, 2010 Vendor: SmarterTools Application: SmarterMail 7.x Bug(s): Stored XSS, Reflected XSS, Directory Traversal, File Upload Parameters, OS Execution, XML Injection, LDAP Injection, DoS Patch: The Vendor has released SmarterMail Version 8 at URI wwwsmart ...
# Vendor: smartertools.com SmarterMail 7.x (7.2.3925) # Date: 2010-10-01 # Author: David Hoyt (sqlhacker) – Hoyt LLC # Contact: h02332@gmail.com # Home: cloudscan.me # Dork: insite: SmarterMail Enterprise 7.2 # Bug: LDAP Injection + Cross Site Scripting (STORED) ...
SmarterMail version 7.x suffers from cross-site scripting, shell upload and directory traversal vulnerabilities ...
SmarterMail version 7.2.3925 suffers from an LDAP injection vulnerability ...
SmarterMail version 7.2.3925 suffers from a cross-site scripting vulnerability ...