VYPR

IceWarp Mail Server

by IceWarp

CVEs (3)

  • CVE-2018-16324MedSep 1, 2018
    risk 0.40cvss 6.1epss 0.01

    In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.

  • CVE-2011-3579Sep 30, 2011
    risk 0.03cvss epss 0.05

    server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in…

  • CVE-2011-3580Sep 30, 2011
    risk 0.00cvss epss 0.02

    IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.