merak mail server 8.3.0r vulnerabilities and exploits

(subscribe to this query)

PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when register_globals is enabled, allows remote malicious users to include arbitrary local and remote PHP files via a URL in the (1...

Merak Mail Server 8.3.0r Deerfield Visnetic Mail Server 8.3.0 Build1 Icewarp Web Mail 5.5.1

2 EDB exploits

IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users ...

Merak Mail Server 8.3.0r Deerfield Visnetic Mail Server 8.3.0 Build1 Icewarp Web Mail 5.5.1

2 EDB exploits

dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote malicious users to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulner...

Merak Mail Server 8.3.0r Deerfield Visnetic Mail Server 8.3.0 Build1 Icewarp Web Mail 5.5.1

1 EDB exploit

mail/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly initialize the default_layout and layout_settings variables when an unrecognized HTTP_USER_AGENT string is provided, which allows rem...

Merak Mail Server 8.3.0r Deerfield Visnetic Mail Server 8.3.0 Build1 Icewarp Web Mail 5.5.1

1 EDB exploit

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook