Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zarafa webapp - vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2014-5447
Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0103.
Zarafa Zarafa 7.1.10
Zarafa Webapp 1.6
187
VMScore
CVE-2014-5449
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
Zarafa Webaccess 4.1
Zarafa Webapp -
187
VMScore
CVE-2014-0103
WebAccess in Zarafa prior to 7.1.10 and WebApp prior to 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
Fedoraproject Fedora 19
Zarafa Zarafa 7.0.10
Zarafa Zarafa 7.0.12
Zarafa Zarafa 7.0.7
Zarafa Zarafa 7.0.9
Zarafa Webapp
Zarafa Zarafa
Zarafa Zarafa 7.0
Zarafa Zarafa 7.0.1
Zarafa Zarafa 7.1.1
Zarafa Zarafa 7.0.2
Zarafa Zarafa 7.0.3
Zarafa Zarafa 7.0.4
Zarafa Zarafa 7.0.5
Zarafa Zarafa 7.1.2
Zarafa Zarafa 7.1.3
Zarafa Zarafa 7.1.4
Fedoraproject Fedora 20
Zarafa Zarafa 7.0.11
Zarafa Zarafa 7.0.13
Zarafa Zarafa 7.0.6
Zarafa Zarafa 7.0.8
445
VMScore
CVE-2014-9465
senddocument.php in Zarafa WebApp prior to 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x prior to 7.1.12 beta 1 and 7.2.x prior to 7.2.0 beta 1 allows remote malicious users to cause a denial of service (/tmp disk consumption) by uploading a large number of ...
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Zarafa Zarafa Collaboration Platform 7.0.3
Zarafa Zarafa Collaboration Platform 7.0.5
Zarafa Zarafa Collaboration Platform 7.0.12
Zarafa Zarafa Collaboration Platform 7.1.0
Zarafa Zarafa Collaboration Platform 7.1.7
Zarafa Zarafa Collaboration Platform 7.1.9
Zarafa Webapp
Zarafa Zarafa Collaboration Platform 7.0.0
Zarafa Zarafa Collaboration Platform 7.0.1
Zarafa Zarafa Collaboration Platform 7.0.2
Zarafa Zarafa Collaboration Platform 7.1.2
Zarafa Zarafa Collaboration Platform 7.1.3
Zarafa Zarafa Collaboration Platform 7.1.4
Zarafa Zarafa Collaboration Platform 7.1.5
Zarafa Zarafa Collaboration Platform 7.0.7
Zarafa Zarafa Collaboration Platform 7.0.8
Zarafa Zarafa Collaboration Platform 7.0.9
Zarafa Zarafa Collaboration Platform 7.0.10
Zarafa Zarafa Collaboration Platform 7.0.11
Zarafa Zarafa Collaboration Platform 7.1.10
383
VMScore
CVE-2019-7219
Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and previous versions. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product i...
Zarafa Webaccess 7.2.0-48204
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started