IceWarp Software LFI / Arbitary File Upload Vulnerabilities

Exploit for php platform in category web applications This is private exploit. You can buy it at https://0day.today...

CVE-2008-5734

Cross-site scripting XSS vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 allows remote attackers to inject arbitrary web script or HTML via an IMG element in an HTML e-mail message...

CVE-2008-5734

Cross-site scripting XSS vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 allows remote attackers to inject arbitrary web script or HTML via an IMG element in an HTML e-mail message...

CVE-2008-5734

IceWarp Merak Mail Server Web Mail (IceWarp Merak Mail Server 9.3.2) is affected by CVE-2008-5734: an XSS flaw where an IMG tag in HTML emails is not sanitized, allowing a remote attacker to inject arbitrary script/HTML into a user’s browser. Root cause: improper sanitization of IMG HTML tag inpu...

Security Issue in Icewarp

Icewarp is one the world's most used web mail software. It's another product of Merak Mail developers. There is an seccurity issue in Icewarp. It's like this: When you create a new user , icewarp gives him a static number. If this user does not logout after checking his inbox you can access his...