IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting

IceWarp Webmail Server through 11.4.4.1 contains a cross-site scripting vulnerability in the /webmail/ color parameter. id: CVE-2020-8512 info: name: IceWarp WebMail Server =11.4.4.2 or apply the vendor-provided patch to mitigate the vulnerability. reference: -...

CVE-2019-12095

Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload...

EUVD-2009-1465

Malware in sbrugna...

EUVD-2008-4911

Malware in sbrugna...

EUVD-2019-8892

Malware in sbrugna...

EUVD-2013-6058

Malware in sbrugna...

EUVD-2013-2527

Malware in sbrugna...

EUVD-2000-0504

Malware in sbrugna...

EUVD-2013-5858

Malware in sbrugna...

EUVD-2022-38013

Malicious code in bioql PyPI...

CVE-2024-34539

Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to successfully login to the mail or webmail server. These credentials can also be used to login to the administration panel and to perform privileged actions...

CVE-2019-19266

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 and probably earlier versions allows XSS issue 2 of 2 in notes for objects...

CVE-2019-19265

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 and probably earlier versions allows XSS issue 1 of 2 in notes for contacts...

NetWin SurgeMail 跨站脚本漏洞

NetWin SurgeMail is a full-featured SMTP / IMAP / POP / Webmail server from NetWin. A cross-site scripting vulnerability exists in NetWin SurgeMail version v78c2, which originates from a vulnerability that allows an attacker to execute arbitrary JavaScript code by injecting a carefully constructe...

CVE-2024-34539

Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to successfully login to the mail or webmail server. These credentials can also be used to login to the administration panel and to perform privileged actions...

TerraMaster TOS Security Vulnerability

TerraMaster TOS is a Linux-based operating system from China's TerraMaster Corporation TerraMaster that is dedicated to the TerraMaster Cloud Storage NAS server. A security vulnerability exists in TerraMaster TOS version 5.1 and prior versions, which stems from the use of hard-coded credentials. ...

CVE-2024-34539

Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to successfully login to the mail or webmail server. These credentials can also be used to login to the administration panel and to perform privileged actions...

CVE-2022-35115

IceWarp WebClient DC2 - Update 2 Build 9 13.0.2.9 was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php...

Sql injection

IceWarp WebClient DC2 - Update 2 Build 9 13.0.2.9 was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php...

CVE-2012-2593

Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...