2 matches found
Directory traversal
Absolute path directory traversal vulnerability in 1 MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and 2 VisNetic MailServer before 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Windows or UNC pathname i...
CVE-2005-4558
CVE-2005-4558 affects IceWarp Web Mail 5.5.1 (used by Merak Mail Server 8.3.0r and VisNetic Mail Server 8.3.0 build 1). The issue arises in mail/index.html where the language parameter lang_settings is not properly restricted before storage in the database, allowing remote authenticated users to ...