Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icewarp web mail vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-7475
Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote malicious users to inject arbitrary web script or HTML.
Icewarp Mail Server 12.0.3
4.8
CVSSv3
CVE-2017-12844
Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name.
Icewarp Mail Server 10.4.4
NA
CVE-2009-1467
Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail Server and WebMail Server prior to 9.4.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the body of a message, related to the email view and incorrect HTML filtering in the cleanHTML...
Icewarp Webmail Server 2.10.115
Icewarp Webmail Server 2.10.150
Icewarp Webmail Server 2.10.240
Icewarp Webmail Server 2.10.250
Icewarp Webmail Server 2.10.340
Icewarp Webmail Server 2.10.350
Icewarp Webmail Server 3.10.110
Icewarp Webmail Server 4.00.30
Icewarp Webmail Server 4.4.2
Icewarp Webmail Server 5.1.2
Icewarp Webmail Server 5.5.3
Icewarp Webmail Server 5.5.4
Icewarp Webmail Server 5.8.4
Icewarp Webmail Server 5.8.5
Icewarp Webmail Server 6.1.0
Icewarp Webmail Server 6.2.1
Icewarp Webmail Server 7.4.5
Icewarp Webmail Server 7.5.2
Icewarp Webmail Server 8.2.2
Icewarp Webmail Server 8.3.5
Icewarp Webmail Server 2.10.110
Icewarp Webmail Server 9.2.0
2 EDB exploits
NA
CVE-2009-1516
Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent malicious users to execute arbitrary code via a large value in the second argument to the Base64FileEncode method, as possibly de...
Icewarp Merak Mail Server 9.4.1
1 EDB exploit
NA
CVE-2008-5734
Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 allows remote malicious users to inject arbitrary web script or HTML via an IMG element in an HTML e-mail message.
Icewarp Merak Mail Server 9.3.2
NA
CVE-2008-0218
Cross-site scripting (XSS) vulnerability in admin/index.html in Merak IceWarp Mail Server allows remote malicious users to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
Merak Icewarp Mail Server
1 EDB exploit
NA
CVE-2006-0817
Absolute path directory traversal vulnerability in (a) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (b) VisNetic MailServer prior to 8.5.0.5 allows remote malicious users to include arbitrary files via a full Windows path and drive letter in the (1)...
Deerfield Visnetic Mail Server 8.3.5
Icewarp Web Mail 5.6.0
Merak Mail Server 8.3.8r
NA
CVE-2006-0818
Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (2) VisNetic MailServer prior to 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Wi...
Icewarp Web Mail 5.6.0
Merak Mail Server 8.3.8r
Deerfield Visnetic Mail Server 8.3.5
NA
CVE-2006-2484
Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebMail 5.5.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the PHPSESSID parameter.
Icewarp Web Mail 3.3.2
Icewarp Web Mail 3.4.1
Icewarp Web Mail 5.3
Icewarp Web Mail 5.3.1
Icewarp Web Mail 3.4.2
Icewarp Web Mail 3.5.0
Icewarp Web Mail 3.5.1
Icewarp Web Mail 5.3.2
Icewarp Web Mail 5.4
Icewarp Web Mail 3.1.4
Icewarp Web Mail 3.3.1
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 1.40.00
Icewarp Web Mail 1.40.10
Icewarp Web Mail 4.1.4
Icewarp Web Mail 4.1.5
Icewarp Web Mail 5.5.1
NA
CVE-2005-4557
dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote malicious users to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulner...
Merak Mail Server 8.3.0r
Deerfield Visnetic Mail Server 8.3.0 Build1
Icewarp Web Mail 5.5.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »