Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icewarp mail server vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-14065
IceWarp Email Server 12.3.0.1 allows remote malicious users to upload files and consume disk space.
Icewarp Mail Server 12.3.0.1
3 Github repositories
9.8
CVSSv3
CVE-2023-39699
IceWarp Mail Server v10.4.5 exists to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows malicious users to include or execute files from the local file system of the targeted server.
Icewarp Mail Server 10.4.5
6.1
CVSSv3
CVE-2023-39700
IceWarp Mail Server v10.4.5 exists to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter.
Icewarp Mail Server 10.4.5
6.1
CVSSv3
CVE-2018-7475
Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote malicious users to inject arbitrary web script or HTML.
Icewarp Mail Server 12.0.3
4.8
CVSSv3
CVE-2017-12844
Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name.
Icewarp Mail Server 10.4.4
NA
CVE-2008-0218
Cross-site scripting (XSS) vulnerability in admin/index.html in Merak IceWarp Mail Server allows remote malicious users to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
Merak Icewarp Mail Server
1 EDB exploit
NA
CVE-2005-0321
MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote authenticated users to gain sensitive information via an HTTP request to (1) calendar_d.html, (2) calendar_m.html, (3) calendar_w.html, or (4) calendar_y.html, which reveal the installation path.
Merak Mail Server 7.6.0
Icewarp Web Mail 5.3.0
NA
CVE-2005-3133
Multiple directory traversal vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote malicious users to (1) delete arbitrary files or directories via a relative path to the id parameter to logout.html or (2) include ar...
Icewarp Web Mail 5.5.1
Merak Mail Server 8.2.4r
1 EDB exploit
NA
CVE-2005-3131
Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to blank.html, or the createdataCX parameter to...
Merak Mail Server 8.2.4r
Icewarp Web Mail 5.5.1
4 EDB exploits
NA
CVE-2005-3132
MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote malicious users to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the path in an error message.
Icewarp Web Mail 5.5.1
Merak Mail Server 8.2.4r
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »