Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icewarp vulnerabilities and exploits
(subscribe to this query)
357
VMScore
CVE-2020-14065
IceWarp Email Server 12.3.0.1 allows remote malicious users to upload files and consume disk space.
Icewarp Mail Server 12.3.0.1
3 Github repositories
357
VMScore
CVE-2020-14064
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.
Icewarp Mail Server 12.3.0.1
3 Github repositories
384
VMScore
CVE-2020-27982
IceWarp 11.4.5.0 allows XSS via the language parameter.
Icewarp Mail Server 11.4.5
NA
CVE-2023-39699
IceWarp Mail Server v10.4.5 exists to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows malicious users to include or execute files from the local file system of the targeted server.
Icewarp Mail Server 10.4.5
NA
CVE-2023-39700
IceWarp Mail Server v10.4.5 exists to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter.
Icewarp Mail Server 10.4.5
435
VMScore
CVE-2008-0218
Cross-site scripting (XSS) vulnerability in admin/index.html in Merak IceWarp Mail Server allows remote malicious users to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
Merak Icewarp Mail Server
1 EDB exploit
NA
CVE-2022-35115
IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) exists to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php.
Icewarp Webclient Dc2 13.0.2.9
510
VMScore
CVE-2005-0320
Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) username parameter to login.html, (2) accountid parameter to accountsettings_add.html, or the (3) n...
Icewarp Web Mail 5.3
2 EDB exploits
NA
CVE-2023-40779
An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote malicious user to execute arbitrary code via a crafted request to the URL.
Icewarp Deep Castle G2 13.0.1.2
383
VMScore
CVE-2008-5734
Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 allows remote malicious users to inject arbitrary web script or HTML via an IMG element in an HTML e-mail message.
Icewarp Merak Mail Server 9.3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »