Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icewarp icewarp 10.2.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37728
IceWarp v10.2.1 exists to contain cross-site scripting (XSS) vulnerability via the color parameter.
Icewarp Icewarp 10.2.1
NA
CVE-2023-39598
Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote malicious user to execute arbitrary code via a crafted payload to the mid parameter.
Icewarp Webclient 10.2.1
6.4
CVSSv2
CVE-2011-3579
server/webmail.php in IceWarp WebMail in IceWarp Mail Server prior to 10.3.3 allows remote malicious users to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaratio...
Icewarp Mail Server 10.0.3
Icewarp Mail Server 10.0.4
Icewarp Mail Server 10.2.1
Icewarp Mail Server 10.2.2
Icewarp Mail Server 9.4.2
Icewarp Mail Server
Icewarp Mail Server 10.3.1
Icewarp Mail Server 10.1.4
Icewarp Mail Server 10.2.0
Icewarp Mail Server 9.4.0
Icewarp Mail Server 9.4.1
Icewarp Mail Server 10.0.7
Icewarp Mail Server 10.0.8
Icewarp Mail Server 10.1.1
Icewarp Mail Server 10.3.0
Icewarp Mail Server 9.3.0
Icewarp Mail Server 10.1.2
Icewarp Mail Server 10.1.3
Icewarp Mail Server 9.3.1
Icewarp Mail Server 9.3.2
1 EDB exploit
5
CVSSv2
CVE-2011-3580
IceWarp WebMail in IceWarp Mail Server prior to 10.3.3 allows remote malicious users to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.
Icewarp Mail Server 10.0.7
Icewarp Mail Server 10.0.8
Icewarp Mail Server 10.0.3
Icewarp Mail Server 10.0.4
Icewarp Mail Server 10.2.1
Icewarp Mail Server 10.2.2
Icewarp Mail Server 9.4.1
Icewarp Mail Server 9.4.0
Icewarp Mail Server 10.1.2
Icewarp Mail Server 10.1.3
Icewarp Mail Server 9.3.1
Icewarp Mail Server 9.3.2
Icewarp Mail Server 10.1.1
Icewarp Mail Server 10.3.0
Icewarp Mail Server 9.3.0
Icewarp Mail Server 9.4.2
Icewarp Mail Server 10.3.1
Icewarp Mail Server 10.1.4
Icewarp Mail Server 10.2.0
Icewarp Mail Server
4.3
CVSSv2
CVE-2010-5336
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.
Icewarp Webclient
4.3
CVSSv2
CVE-2010-5340
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.
Icewarp Webclient
4.3
CVSSv2
CVE-2010-5337
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0.
Icewarp Webclient
4.3
CVSSv2
CVE-2010-5338
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0.
Icewarp Webclient
4.3
CVSSv2
CVE-2010-5339
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0.
Icewarp Webclient
7.8
CVSSv2
CVE-2010-5334
IceWarp Webclient prior to 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exp...
Icewarp Webclient
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »