Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
merak mail server 7.4.5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1719
Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spa...
Merak Mail Server 7.4.5
4 EDB exploits
NA
CVE-2004-1720
The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote malicious users to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an exposure, since th...
Merak Mail Server 7.4.5
1 EDB exploit
NA
CVE-2004-1670
Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote malicious users to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary file...
Merak Mail Server 7.4.5
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2004-1669
Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to execute arbitrary web script or HTML via the (1) User name parameter to accountsettings.html or (2) Search string parameter...
Merak Mail Server 7.4.5
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2004-1674
viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to (1) delete arbitrary files via the originalfolder parameter or (2) move arbitrary files via the messageid parameter.
Merak Mail Server 7.4.5
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2004-1722
SQL injection vulnerability in calendar.html in Merak Mail Server 5.2.7 allows remote malicious users to execute arbitrary SQL statements via the schedule parameter.
Merak Mail Server 7.5.2
1 EDB exploit
NA
CVE-2004-1673
accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote malicious users to create text files with arbitrary content via the accountid parameter.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2004-1671
Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to gain sensitive information via a direct request to (1) accountsettings_add.html or (2) topmenu.html.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2004-1672
attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to view other users' attachments by specifying the username and message ID in an HTTP request.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2009-1469
CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php in IceWarp eMail Server and WebMail Server prior to 9.4.2 makes it easier for remote malicious users to trick a user into disclosing credentials via CRLF sequences preceding a Reply-To header...
Icewarp Email Server 2.10.340
Icewarp Webmail Server 4.2.1
Icewarp Email Server 5.9.4
Icewarp Webmail Server 6.0.7
Icewarp Email Server 2.10.115
Icewarp Webmail Server 7.6.4
Icewarp Webmail Server 7.1.4
Icewarp Email Server 4.2.3
Icewarp Webmail Server 3.00.140
Icewarp Email Server 7.0.1
Icewarp Webmail Server 5.5.7
Icewarp Webmail Server 2.10.320
Icewarp Webmail Server 6.0.3
Icewarp Webmail Server 5.8.6
Icewarp Webmail Server 8.5.0
Icewarp Webmail Server 5.9.4
Icewarp Webmail Server 3.00.130
Icewarp Webmail Server 5.8.2
Icewarp Webmail Server 7.4.2
Icewarp Email Server 4.10.040
Icewarp Webmail Server 4.10.040
Icewarp Webmail Server 5.1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »