CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-45550

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00169EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 6:24 a.m.•4 views

CVE-2024-50599

A reflected Cross-Site Scripting XSS vulnerability has been identified in Zimbra Collaboration Suite ZCS 8.8.15, affecting one of the webmail calendar endpoints. This arises from improper handling of user-supplied input, allowing an attacker to inject malicious code that is reflected back in the...

6.1CVSS5.7AI score0.21606EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:0 a.m.•5 views

CVE-2023-41013

Cross Site Scripting XSS in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...

6.1CVSS6AI score0.00169EPSS

Exploits0

NVD•added 2024/11/07 9:15 p.m.•15 views

CVE-2024-50599

6.1CVSS0.21606EPSS

Exploits0References2

Prion•added 2023/09/12 12:15 p.m.•12 views

Cross site scripting

Cross Site Scripting XSS in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...

5.8CVSS6AI score0.00169EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/09/12 12:0 a.m.•13 views

CVE-2023-41013

Cross Site Scripting XSS in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...

6.2AI score0.00169EPSS

Exploits0References2

CVE•added 2023/09/12 12:0 a.m.•26 views

CVE-2023-41013

CVE-2023-41013 affects IceWarp Webmail Calendar (IceWarp 10.3.1). The issue is a Cross Site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the p4 field. The provided connected documents identify the affected product/version and the vulnerable...

6.1CVSS6AI score0.00169EPSS

Exploits0References2Affected Software1

OSV•added 2021/07/07 2:15 p.m.•3 views

CVE-2020-25925

Cross Site Scripting XSS in Webmail Calender in IceWarp WebClient 10.3.5 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...

6.1CVSS6.5AI score0.00195EPSS

Exploits1References1

NVD•added 2021/07/07 2:15 p.m.•10 views

CVE-2020-25925

Cross Site Scripting XSS in Webmail Calender in IceWarp WebClient 10.3.5 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...

6.1CVSS0.00195EPSS

Exploits1References1

CVE•added 2021/07/07 1:53 p.m.•39 views

CVE-2020-25925

CVE-2020-25925 describes a cross-site scripting (XSS) flaw in IceWarp WebClient’s Webmail Calendar (version 10.3.5). The vulnerability allows an attacker to inject arbitrary web script or HTML through the p4 field, enabling client-side code execution. The available connected documents confirm the...

6.1CVSS6AI score0.00195EPSS

Exploits1References1Affected Software1

Packet Storm•added 2019/06/04 12:0 a.m.•131 views

IceWarp 10.4.4 Local File Inclusion

Exploit Title: IceWarp =10.4.4 local file include Date: 02/06/2019 Exploit Author: JameelNabbo Website: uitsec.com Vendor Homepage: http://www.icewarp.com Software Link: https://www.icewarp.com/downloads/trial/ Version: 10.4.4 Tested on: Windows 10 CVE: CVE-2019-12593 POC:...

5CVSS7.6AI score0.83473EPSS

Exploits5

NVD•added 2019/06/03 5:29 p.m.•11 views

CVE-2019-12593

IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal...

7.5CVSS7.4AI score0.83473EPSS

Exploits5References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by