IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) exists to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php.
icewarp webclient dc2 13.0.2.9