Shodan
Vulnerabilities
Vulnerable Software
Icewarp:  >> Web Mail  >> 3.3.2  Security Vulnerabilities
CVE-2006-2484
Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebMail 5.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter.
CVSS Score
4.3
EPSS Score
0.004
Published
2006-05-19
CVE-2004-1671
Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to gain sensitive information via a direct request to (1) accountsettings_add.html or (2) topmenu.html.
CVSS Score
5.0
EPSS Score
0.005
Published
2004-10-12
CVE-2004-1672
attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to view other users' attachments by specifying the username and message ID in an HTTP request.
CVSS Score
7.5
EPSS Score
0.01
Published
2004-10-12
CVE-2004-1673
accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote attackers to create text files with arbitrary content via the accountid parameter.
CVSS Score
7.5
EPSS Score
0.01
Published
2004-10-12
CVE-2004-1674
viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to (1) delete arbitrary files via the originalfolder parameter or (2) move arbitrary files via the messageid parameter.
CVSS Score
7.5
EPSS Score
0.009
Published
2004-10-12
CVE-2004-1669
Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to execute arbitrary web script or HTML via the (1) User name parameter to accountsettings.html or (2) Search string parameter to search.html.
CVSS Score
4.3
EPSS Score
0.004
Published
2004-09-10
CVE-2004-1670
Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html.
CVSS Score
7.5
EPSS Score
0.01
Published
2004-09-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved