Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zarafa webapp vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-7219
Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and previous versions. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product i...
Zarafa Webaccess 7.2.0-48204
1 Github repository
NA
CVE-2014-9465
senddocument.php in Zarafa WebApp prior to 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x prior to 7.1.12 beta 1 and 7.2.x prior to 7.2.0 beta 1 allows remote malicious users to cause a denial of service (/tmp disk consumption) by uploading a large number of ...
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Zarafa Zarafa Collaboration Platform 7.0.3
Zarafa Zarafa Collaboration Platform 7.0.5
Zarafa Zarafa Collaboration Platform 7.0.12
Zarafa Zarafa Collaboration Platform 7.1.0
Zarafa Zarafa Collaboration Platform 7.1.7
Zarafa Zarafa Collaboration Platform 7.1.9
Zarafa Webapp
Zarafa Zarafa Collaboration Platform 7.0.0
Zarafa Zarafa Collaboration Platform 7.0.1
Zarafa Zarafa Collaboration Platform 7.0.2
Zarafa Zarafa Collaboration Platform 7.1.2
Zarafa Zarafa Collaboration Platform 7.1.3
Zarafa Zarafa Collaboration Platform 7.1.4
Zarafa Zarafa Collaboration Platform 7.1.5
Zarafa Zarafa Collaboration Platform 7.0.7
Zarafa Zarafa Collaboration Platform 7.0.8
Zarafa Zarafa Collaboration Platform 7.0.9
Zarafa Zarafa Collaboration Platform 7.0.10
Zarafa Zarafa Collaboration Platform 7.0.11
Zarafa Zarafa Collaboration Platform 7.1.10
NA
CVE-2014-5447
Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0103.
Zarafa Zarafa 7.1.10
Zarafa Webapp 1.6
NA
CVE-2014-5449
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
Zarafa Webaccess 4.1
Zarafa Webapp -
NA
CVE-2014-0103
WebAccess in Zarafa prior to 7.1.10 and WebApp prior to 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
Fedoraproject Fedora 19
Zarafa Zarafa 7.0.10
Zarafa Zarafa 7.0.12
Zarafa Zarafa 7.0.7
Zarafa Zarafa 7.0.9
Zarafa Webapp
Zarafa Zarafa
Zarafa Zarafa 7.0
Zarafa Zarafa 7.0.1
Zarafa Zarafa 7.1.1
Zarafa Zarafa 7.0.2
Zarafa Zarafa 7.0.3
Zarafa Zarafa 7.0.4
Zarafa Zarafa 7.0.5
Zarafa Zarafa 7.1.2
Zarafa Zarafa 7.1.3
Zarafa Zarafa 7.1.4
Fedoraproject Fedora 20
Zarafa Zarafa 7.0.11
Zarafa Zarafa 7.0.13
Zarafa Zarafa 7.0.6
Zarafa Zarafa 7.0.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started