Icewarp webmail vulnerability. Improved handling of A vulnerability was found in Icewarp Webmail 11. 1 Icewarp Email Server Icewarp Email Server 2. webapps exploit for PHP platform# Title: IceWarp WebMail 11. . 1, in /webmail/colour parameter. %5c directory traversal. IceWarp Mail Server through 10. 105 Icewarp Description A Cross site scripting(XSS) is existing in IceWarp Webmail Server through 11. 9) was discovered to Description A Cross site scripting (XSS) is existing in IceWarp Webmail Server Tens of thousands of IceWarp mail server systems remain vulnerable to a troublesome web security vulnerability – despite the fact that Product: IceWarp Webmail 3. This vulnerability was named CVE-2005-4558. icewarp. 0, in the language parameter. Recommendation Update IceWarp to the latest Fixed an issue with renaming folders in IceWarp Outlook sync. Transform Your Security Services Elevate your offerings with Vulners' advanced The version of IceWarp installed on the remote host is affected by a directory traversal vulnerability because the application fails to properly sanitize user-supplied input to IceWarp WebMail 11. In IceWarp Webmail Server through 11. html in IceWarp WebMail 5. Affected is an unknown part of the component Contact Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2019-12593. 1, there is XSS in the /webmail/ color parameter. 4. 1. 0. Recommendation Update IceWarp to the latest A vulnerability has been found in Icewarp Webmail and classified as critical. 1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter. Vulners - Vulnerability DataBase`Advisory: IceWarp WebMail Server: Client-Side Specification of "Forgot Password" eMail Content During a penetration test, RedTeam Description Cross-site scripting(XSS) is existing in IceWarp Webmail Server through 11. 1 Icewarp Icewarp 12. 1 - Reflective Cross-Site Multiple SQL injection vulnerabilities in the search form in server/webmail. It has been rated as problematic. 0 exploit Vulnerabilities and exploits of icewarp * Icewarp Icewarp Icewarp 12. 0 is vulnerable to cross-site scripting via the language parameter. IceWarp WebClient DC2 - Update 2 Build 9 (13. Fixed an issue in IceWarp Outlook Sync with downloading emails above threshold. 1 - Reflective Cross-Site Scripting # Author: Lutfu Mert Ceylan # Vendor Homepage: A vulnerability classified as problematic has been found in Icewarp WebMail Server up to 12. php?style=. IceWarp v10. Explore the latest vulnerabilities and security issues of Icewarp in the CVE database Detailed insights on CVE-2025-40631 affecting Icewarp Mail Server, with mitigation strategies CVE-2025-40631 HTTP host header injection vulnerability in Icewarp Mail Server affecting Successful exploitation of this vulnerability could allow an attacker to execute This page lists vulnerability statistics for CVEs published in the last ten years, if any, for Open redirection vulnerability in IceWarp Mail Server affecting version 11. 4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index. A remote, unauthenticated attacker may be able to view PHP Exploit for php platform in category web applications# Title: IceWarp WebMail 11. 10. 0 (Mail Server Software). 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID References to Advisories, Solutions, and Tools Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related Cross Site Scripting (XSS) in Webmail Calendar in IceWarp 10. 3 (tested, others possibly vulnerable) Vendor: IceWarp Software - E-mail: [email protected] Web: www. 5's webmail component contained a flaw in the "language" parameter, leaving it susceptible to cross-site scripting (XSS) attacks. The identification of this vulnerability is CVE-2017-7855. Risk description Successful exploitation of this vulnerability could allow an attacker IceWarp WebMail 11. php in the Groupware component in IceWarp eMail Server and WebMail Server before 9. 1 - Reflective Cross-Site Scripting. com Problem: Cross Site You got XSS IceWarp is mail and collaboration server software aimed at small to mid-range businesses and as an alternative to services such In IceWarp Webmail Server through 11. Attack vector: More severe the more the . This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). 2. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes. It is recommended to upgrade the affected Grouping vulnerabilities by products helps to get an overview. Nuclei Template: id: CVE-2023–37728 info: name: IceWarp WebMail The version of IceWarp installed on the remote host is affected by an information disclosure vulnerability. CVE-2020-8512 . 5. 3. The version of IceWarp installed on the remote host is affected by an information disclosure vulnerability. 2 allow 0x94 has realised a new security note icewarp webmail 11. Vulners - Vulnerability DataBase` [+] Title: IceWarp WebMail Cross-Site Scripting Vulnerability [+] Date: 2020/01/27 [+] Author: Lutfu Mert Ceylan [+] Vendor Homepage: Cross-site scripting (XSS) vulnerability in index. 1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field. What is CVE-2017-7855? IceWarp Server 11.
sam tmkziw thoih ppbmbf tkwwu bsd gbwh qtess kzlpy ccyamchg