Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
merak icewarp mail server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4556
PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when register_globals is enabled, allows remote malicious users to include arbitrary local and remote PHP files via a URL in the (1...
Merak Mail Server 8.3.0r
Deerfield Visnetic Mail Server 8.3.0 Build1
Icewarp Web Mail 5.5.1
2 EDB exploits
NA
CVE-2005-4558
IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users ...
Merak Mail Server 8.3.0r
Deerfield Visnetic Mail Server 8.3.0 Build1
Icewarp Web Mail 5.5.1
2 EDB exploits
NA
CVE-2005-4559
mail/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly initialize the default_layout and layout_settings variables when an unrecognized HTTP_USER_AGENT string is provided, which allows rem...
Merak Mail Server 8.3.0r
Deerfield Visnetic Mail Server 8.3.0 Build1
Icewarp Web Mail 5.5.1
1 EDB exploit
NA
CVE-2009-1469
CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php in IceWarp eMail Server and WebMail Server prior to 9.4.2 makes it easier for remote malicious users to trick a user into disclosing credentials via CRLF sequences preceding a Reply-To header...
Icewarp Webmail Server 2.10.170
Icewarp Webmail Server 2.10.200
Icewarp Webmail Server 2.10.290
Icewarp Webmail Server 2.10.320
Icewarp Webmail Server 3.00.120
Icewarp Webmail Server 3.00.130
Icewarp Webmail Server 4.2.1
Icewarp Webmail Server 4.2.2
Icewarp Webmail Server 5.4.1
Icewarp Webmail Server 5.4.2
Icewarp Webmail Server 5.5.7
Icewarp Webmail Server 5.7.3
Icewarp Webmail Server 6.0.2
Icewarp Webmail Server 6.0.3
Icewarp Webmail Server 6.0.5
Icewarp Webmail Server 7.1.6
Icewarp Webmail Server 7.2.0
Icewarp Webmail Server 8.0.1
Icewarp Webmail Server 8.0.3
Icewarp Webmail Server 8.9.1
Icewarp Webmail Server 9.0.0
Icewarp Webmail Server 9.1.0
1 EDB exploit
NA
CVE-2009-1467
Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail Server and WebMail Server prior to 9.4.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the body of a message, related to the email view and incorrect HTML filtering in the cleanHTML...
Icewarp Webmail Server 2.10.115
Icewarp Webmail Server 2.10.150
Icewarp Webmail Server 2.10.240
Icewarp Webmail Server 2.10.250
Icewarp Webmail Server 2.10.340
Icewarp Webmail Server 2.10.350
Icewarp Webmail Server 3.10.110
Icewarp Webmail Server 4.00.30
Icewarp Webmail Server 4.4.2
Icewarp Webmail Server 5.1.2
Icewarp Webmail Server 5.5.3
Icewarp Webmail Server 5.5.4
Icewarp Webmail Server 5.8.4
Icewarp Webmail Server 5.8.5
Icewarp Webmail Server 6.1.0
Icewarp Webmail Server 6.2.1
Icewarp Webmail Server 7.4.5
Icewarp Webmail Server 7.5.2
Icewarp Webmail Server 8.2.2
Icewarp Webmail Server 8.3.5
Icewarp Webmail Server 2.10.110
Icewarp Webmail Server 9.2.0
2 EDB exploits
NA
CVE-2004-1673
accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote malicious users to create text files with arbitrary content via the accountid parameter.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2009-1468
Multiple SQL injection vulnerabilities in the search form in server/webmail.php in the Groupware component in IceWarp eMail Server and WebMail Server prior to 9.4.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) sql and (2) order_by elements in an ...
Icewarp Webmail Server 2.10.210
Icewarp Webmail Server 2.10.220
Icewarp Webmail Server 2.10.320
Icewarp Webmail Server 2.10.330
Icewarp Webmail Server 3.00.140
Icewarp Webmail Server 2.10.170
Icewarp Webmail Server 3.10.011
Icewarp Webmail Server 4.2.3
Icewarp Webmail Server 4.4.1
Icewarp Webmail Server 5.4.2
Icewarp Webmail Server 5.4.3
Icewarp Webmail Server 5.8.2
Icewarp Webmail Server 5.8.3
Icewarp Webmail Server 6.0.5
Icewarp Webmail Server 6.0.7
Icewarp Webmail Server 7.2.0
Icewarp Webmail Server 7.4.0
Icewarp Webmail Server 8.0.2
Icewarp Webmail Server 8.2.0
Icewarp Webmail Server 9.1.0
Icewarp Webmail Server
Icewarp Email Server 2.10.110
1 EDB exploit
NA
CVE-2004-1671
Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to gain sensitive information via a direct request to (1) accountsettings_add.html or (2) topmenu.html.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2004-1672
attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to view other users' attachments by specifying the username and message ID in an HTTP request.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2005-0320
Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) username parameter to login.html, (2) accountid parameter to accountsettings_add.html, or the (3) n...
Icewarp Web Mail 5.3
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3