Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icewarp mail server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-39699
IceWarp Mail Server v10.4.5 exists to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows malicious users to include or execute files from the local file system of the targeted server.
Icewarp Mail Server 10.4.5
8.8
CVSSv3
CVE-2020-14066
IceWarp Email Server 12.3.0.1 allows remote malicious users to upload JavaScript files that are dangerous for clients to access.
Icewarp Mail Server 12.3.0.1
3 Github repositories
7.5
CVSSv3
CVE-2019-12593
IceWarp Mail Server up to and including 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
Icewarp Mail Server
1 EDB exploit
7.5
CVSSv3
CVE-2015-1503
Multiple directory traversal vulnerabilities in IceWarp Mail Server prior to 11.2 allow remote malicious users to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) scrip...
Icewarp Mail Server
1 EDB exploit
6.5
CVSSv3
CVE-2020-14064
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.
Icewarp Mail Server 12.3.0.1
3 Github repositories
6.5
CVSSv3
CVE-2020-14065
IceWarp Email Server 12.3.0.1 allows remote malicious users to upload files and consume disk space.
Icewarp Mail Server 12.3.0.1
3 Github repositories
6.1
CVSSv3
CVE-2023-40779
An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote malicious user to execute arbitrary code via a crafted request to the URL.
Icewarp Deep Castle G2 13.0.1.2
6.1
CVSSv3
CVE-2023-39700
IceWarp Mail Server v10.4.5 exists to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter.
Icewarp Mail Server 10.4.5
6.1
CVSSv3
CVE-2021-36580
Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter.
Icewarp Mail Server
Icewarp Icewarp Server
1 Github repository
6.1
CVSSv3
CVE-2020-27982
IceWarp 11.4.5.0 allows XSS via the language parameter.
Icewarp Mail Server 11.4.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »