Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
merak mail server 7.4.5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1720
The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote malicious users to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an exposure, since th...
Merak Mail Server 7.4.5
1 EDB exploit
NA
CVE-2004-1719
Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spa...
Merak Mail Server 7.4.5
4 EDB exploits
NA
CVE-2004-1669
Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to execute arbitrary web script or HTML via the (1) User name parameter to accountsettings.html or (2) Search string parameter...
Merak Mail Server 7.4.5
Icewarp Web Mail 3.3.2
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
NA
CVE-2004-1670
Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote malicious users to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary file...
Icewarp Web Mail 5.2.8
Merak Mail Server 7.4.5
Icewarp Web Mail 3.3.2
Icewarp Web Mail 5.2.7
NA
CVE-2004-1674
viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to (1) delete arbitrary files via the originalfolder parameter or (2) move arbitrary files via the messageid parameter.
Icewarp Web Mail 5.2.8
Merak Mail Server 7.4.5
Icewarp Web Mail 3.3.2
Icewarp Web Mail 5.2.7
NA
CVE-2004-1722
SQL injection vulnerability in calendar.html in Merak Mail Server 5.2.7 allows remote malicious users to execute arbitrary SQL statements via the schedule parameter.
Merak Mail Server 7.5.2
1 EDB exploit
NA
CVE-2004-1673
accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote malicious users to create text files with arbitrary content via the accountid parameter.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2004-1671
Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to gain sensitive information via a direct request to (1) accountsettings_add.html or (2) topmenu.html.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2004-1672
attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote malicious users to view other users' attachments by specifying the username and message ID in an HTTP request.
Icewarp Web Mail 5.2.7
Icewarp Web Mail 5.2.8
Icewarp Web Mail 3.3.2
NA
CVE-2009-1469
CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php in IceWarp eMail Server and WebMail Server prior to 9.4.2 makes it easier for remote malicious users to trick a user into disclosing credentials via CRLF sequences preceding a Reply-To header...
Icewarp Webmail Server 2.10.170
Icewarp Webmail Server 2.10.200
Icewarp Webmail Server 2.10.290
Icewarp Webmail Server 2.10.320
Icewarp Webmail Server 3.00.120
Icewarp Webmail Server 3.00.130
Icewarp Webmail Server 4.2.1
Icewarp Webmail Server 4.2.2
Icewarp Webmail Server 5.4.1
Icewarp Webmail Server 5.4.2
Icewarp Webmail Server 5.5.7
Icewarp Webmail Server 5.7.3
Icewarp Webmail Server 6.0.2
Icewarp Webmail Server 6.0.3
Icewarp Webmail Server 6.0.5
Icewarp Webmail Server 7.1.6
Icewarp Webmail Server 7.2.0
Icewarp Webmail Server 8.0.1
Icewarp Webmail Server 8.0.3
Icewarp Webmail Server 8.9.1
Icewarp Webmail Server 9.0.0
Icewarp Webmail Server 9.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »