Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icewarp vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2010-5339
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0.
Icewarp Webclient
694
VMScore
CVE-2010-5334
IceWarp Webclient prior to 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exp...
Icewarp Webclient
694
VMScore
CVE-2010-5335
IceWarp Webclient prior to 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (script to basic/minimizer/index.php) is not properly sanitised and can the...
Icewarp Webclient
383
VMScore
CVE-2010-5336
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.
Icewarp Webclient
383
VMScore
CVE-2010-5337
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0.
Icewarp Webclient
383
VMScore
CVE-2010-5338
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0.
Icewarp Webclient
383
VMScore
CVE-2010-5340
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.
Icewarp Webclient
641
VMScore
CVE-2005-0322
MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2 uses weak encryption in the (1) users.cfg, (2) settings.cfg, (3) users.dat or (4) user.dat files, which allows local users to extract the passwords.
Merak Mail Server 7.6.0
Icewarp Web Mail 5.3.0
Merak Mail Server 7.6.4r
Icewarp Web Mail 5.3.2
383
VMScore
CVE-2018-16324
In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.
Icewarp Mail Server
383
VMScore
CVE-2019-19265
IceWarp WebMail Server 12.2.0 and 12.1.x prior to 12.2.1.1 (and probably earlier versions) allows XSS (issue 1 of 2) in notes for contacts.
Icewarp Mail Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »