VYPR

Server

by IceWarp

Source repositories

CVEs (27)

  • CVE-2020-14064Jul 15, 2020
    risk 0.00cvss epss 0.01

    IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.

  • CVE-2019-19265Jan 6, 2020
    risk 0.00cvss epss 0.01

    IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 1 of 2) in notes for contacts.

  • CVE-2019-19266Jan 6, 2020
    risk 0.00cvss epss 0.01

    IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 2 of 2) in notes for objects.

  • CVE-2011-3580Sep 30, 2011
    risk 0.00cvss epss 0.02

    IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.

  • CVE-2008-5734Dec 26, 2008
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 allows remote attackers to inject arbitrary web script or HTML via an IMG element in an HTML e-mail message.

  • CVE-2007-5046Sep 24, 2007
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Webmail interface for IceWarp Merak Mail Server before 9.0.0 allows remote attackers to inject arbitrary JavaScript via a javascript: URI in an attribute of an element in an email message body, as demonstrated by the onload…

  • CVE-2005-1488May 11, 2005
    risk 0.00cvss epss 0.00

    Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) the E-mail address, Note, or Public Certificate fields to address.html, (2)…

Page 2 of 2