Filtered by vendor Icewarp
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-14066 | 1 Icewarp | 1 Mail Server | 2020-07-22 | 6.5 MEDIUM | 8.8 HIGH |
| IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. | |||||
| CVE-2010-5334 | 1 Icewarp | 1 Webclient | 2019-10-17 | 7.8 HIGH | 7.5 HIGH |
| IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files. | |||||
| CVE-2010-5335 | 1 Icewarp | 1 Webclient | 2019-10-16 | 7.8 HIGH | 7.5 HIGH |
| IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (script to basic/minimizer/index.php) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files. | |||||
| CVE-2019-12593 | 1 Icewarp | 1 Mail Server | 2019-06-04 | 5.0 MEDIUM | 7.5 HIGH |
| IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal. | |||||
| CVE-2015-1503 | 1 Icewarp | 1 Mail Server | 2018-06-12 | 7.8 HIGH | 7.5 HIGH |
| Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) script or (3) style parameter to webmail/old/calendar/minimizer/index.php. | |||||