Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-8892

Malware in sbrugna...

5.4CVSS5.6AI score0.00602EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2025/05/22 8:38 a.m.8 views

CVE-2019-19266

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 and probably earlier versions allows XSS issue 2 of 2 in notes for objects...

5.4CVSS6.1AI score0.00602EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:25 a.m.7 views

CVE-2019-19265

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 and probably earlier versions allows XSS issue 1 of 2 in notes for contacts...

6.1CVSS6.1AI score0.00866EPSS
Exploits2References1
CNVD
CNVD
added 2020/02/04 12:0 a.m.2 views

IceWarp Webmail Server color Cross-Site Scripting Vulnerability

IceWarp Webmail Server is a WEB mail server. IceWarp Webmail Server color handling suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code that can be used to gain access to sensitive information or hijack...

6.1CVSS6.4AI score0.14834EPSS
Exploits5References1
OSV
OSV
added 2020/02/01 12:15 a.m.3 views

CVE-2020-8512

In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter...

6.1CVSS6.3AI score0.14834EPSS
Exploits5References3
NVD
NVD
added 2020/02/01 12:15 a.m.27 views

CVE-2020-8512

In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter...

6.1CVSS6AI score0.14834EPSS
Exploits5References3
Cvelist
Cvelist
added 2020/01/31 11:5 p.m.23 views

CVE-2020-8512

In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter...

6AI score0.14834EPSS
Exploits5References3
CNVD
CNVD
added 2020/01/07 12:0 a.m.3 views

IceWarp WebMail Server Cross-Site Scripting Vulnerability (CNVD-2020-02978)

IceWarp WebMail Server is a Web-based mail server product from the U.S. company IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration and more. A cross-site scripting vulnerability exists in object annotations in IceWarp WebMail Server version 12.2.0 and...

5.4CVSS6.3AI score0.00602EPSS
Exploits2References1
Prion
Prion
added 2020/01/06 12:15 a.m.16 views

Cross site scripting

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 and probably earlier versions allows XSS issue 2 of 2 in notes for objects...

3.5CVSS5.2AI score0.00602EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2020/01/06 12:9 a.m.18 views

CVE-2019-19265

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 and probably earlier versions allows XSS issue 1 of 2 in notes for contacts...

6.1AI score0.00866EPSS
Exploits2References2
CVE
CVE
added 2020/01/06 12:9 a.m.103 views

CVE-2019-19265

IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 are affected by a cross-site scripting vulnerability in notes for contacts. The root cause is lack of proper validation of client data by the WEB application, enabling attacker-supplied content (e.g., manipulated vCard) to execute JavaScrip...

6.1CVSS6AI score0.00866EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2020/01/06 12:0 a.m.97 views

CVE-2019-19266

IceWarp WebMail Server 12.2.0 and 12.1.x prior to 12.2.1.1 are affected by a Cross‑Site Scripting (XSS) vulnerability in object notes. The root cause is lack of proper validation of client‑side data by the WEB application, allowing injected JavaScript to execute when notes are displayed to users....

5.4CVSS5.2AI score0.00602EPSS
Exploits2References2Affected Software1
seebug.org
seebug.org
added 2009/05/06 12:0 a.m.46 views

IceWarp WebMail口令取回功能输入验证漏洞

BUGTRAQ ID: 34827 CVECAN ID: CVE-2009-1469 Merak Email Server是一个全面的办公室局域网或Internet通讯邮件解决方案。 Merak邮件服务器的WebMail模块在登陆页面提供了“忘记口令”取回功能,忘记了登录口令的用户可以在这里向邮件服务器提供他们的邮件地址,之后服务器检查系统中是否存在这个地址并将相关的用户口令发回到这个地址。 在点击Forgot Password页面的提交按键时,所发送的HTTP POST请求包含有类似于以下的负载:...

4.3CVSS6.5AI score0.04885EPSS
Exploits3
securityvulns
securityvulns
added 2009/05/05 12:0 a.m.58 views

[RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component

Advisory: IceWarp WebMail Server: SQL Injection in Groupware Component During a penetration test RedTeam Pentesting discovered multiple SQL-Injections in the IceWarp WebMail Server. Attackers that are in control of a user account for the web-based email and groupware components are able to execut...

6.5CVSS7.7AI score0.01925EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.90 views

IceWarp Merak WebMail Server < 9.4.2 Multiple Vulnerabilities

Binary data 5019.prm...

6.5CVSS7AI score0.04885EPSS
Exploits9References4
Rows per page
Query Builder