4 matches found
IceWarp Merak Mail Server < 9.4.2 Multiple Vulnerabilities
IceWarp Merak Mail Server is prone to multiple vulnerabilities. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...
CVE-2009-1468
IceWarp eMail Server / WebMail Server prior to version 9.4.2 contains SQL injection vulnerabilities in the webmail groupware search (server/webmail.php). The flaws allow remote authenticated users to manipulate SQL through the sql and order_by elements within an XML search query, enabling arbitra...
IceWarp WebMail SQL Injection
Advisory: IceWarp WebMail Server: SQL Injection in Groupware Component During a penetration test RedTeam Pentesting discovered multiple SQL-Injections in the IceWarp WebMail Server. Attackers that are in control of a user account for the web-based email and groupware components are able to execut...
[RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component
Advisory: IceWarp WebMail Server: SQL Injection in Groupware Component During a penetration test RedTeam Pentesting discovered multiple SQL-Injections in the IceWarp WebMail Server. Attackers that are in control of a user account for the web-based email and groupware components are able to execut...