NotCVE - vendor:"Icewarp" product:"Web Mail" version:"3.4.2"

7 results (0.008 seconds)

CVSS: 6.1EPSS: 0%CPEs: 18EXPL: 1

CVE-2006-2484

https://notcve.org/view.php?id=CVE-2006-2484

19 May 2006 — Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebMail 5.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter. • http://securityreason.com/securityalert/925 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2004-1671

https://notcve.org/view.php?id=CVE-2004-1671

12 Oct 2004 — Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to gain sensitive information via a direct request to (1) accountsettings_add.html or (2) topmenu.html. • http://marc.info/?l=bugtraq&m=109483971420067&w=2 •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1

CVE-2004-1672

https://notcve.org/view.php?id=CVE-2004-1672

12 Oct 2004 — attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to view other users' attachments by specifying the username and message ID in an HTTP request. • http://marc.info/?l=bugtraq&m=109483971420067&w=2 •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1

CVE-2004-1673

https://notcve.org/view.php?id=CVE-2004-1673

12 Oct 2004 — accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote attackers to create text files with arbitrary content via the accountid parameter. • http://marc.info/?l=bugtraq&m=109483971420067&w=2 •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2004-1674

https://notcve.org/view.php?id=CVE-2004-1674

12 Oct 2004 — viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to (1) delete arbitrary files via the originalfolder parameter or (2) move arbitrary files via the messageid parameter. • http://marc.info/?l=bugtraq&m=109483971420067&w=2 •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2004-1669

https://notcve.org/view.php?id=CVE-2004-1669

10 Sep 2004 — Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to execute arbitrary web script or HTML via the (1) User name parameter to accountsettings.html or (2) Search string parameter to search.html. • http://marc.info/?l=bugtraq&m=109483971420067&w=2 •

CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0

CVE-2004-1670

https://notcve.org/view.php?id=CVE-2004-1670

10 Sep 2004 — Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html. • http://marc.info/?l=bugtraq&m=109483971420067&w=2 •