Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icewarp mail server vulnerabilities and exploits
(subscribe to this query)
357
VMScore
CVE-2020-14064
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.
Icewarp Mail Server 12.3.0.1
3 Github repositories
357
VMScore
CVE-2020-14065
IceWarp Email Server 12.3.0.1 allows remote malicious users to upload files and consume disk space.
Icewarp Mail Server 12.3.0.1
3 Github repositories
NA
CVE-2023-39699
IceWarp Mail Server v10.4.5 exists to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows malicious users to include or execute files from the local file system of the targeted server.
Icewarp Mail Server 10.4.5
NA
CVE-2023-39700
IceWarp Mail Server v10.4.5 exists to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter.
Icewarp Mail Server 10.4.5
312
VMScore
CVE-2017-12844
Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name.
Icewarp Mail Server 10.4.4
580
VMScore
CVE-2020-14066
IceWarp Email Server 12.3.0.1 allows remote malicious users to upload JavaScript files that are dangerous for clients to access.
Icewarp Mail Server 12.3.0.1
3 Github repositories
445
VMScore
CVE-2005-1489
Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html.
Icewarp Web Mail 5.4.2
Merak Mail Server 8.0.3
187
VMScore
CVE-2005-1490
Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the mailbox.dat file does not exist, allows remote authenticated users to determine if a file exists via the folder parameter to attachment.html.
Icewarp Web Mail 5.4.2
Merak Mail Server 8.0.3
409
VMScore
CVE-2005-1491
Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html.
Merak Mail Server 8.0.3
Icewarp Web Mail 5.4.2
187
VMScore
CVE-2005-0321
MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote authenticated users to gain sensitive information via an HTTP request to (1) calendar_d.html, (2) calendar_m.html, (3) calendar_w.html, or (4) calendar_y.html, which reveal the installation path.
Merak Mail Server 7.6.0
Icewarp Web Mail 5.3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »