Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2011-3580
Disclosure Date: September 30, 2011 (last updated October 04, 2023)
IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.
0
Attacker Value
Unknown
CVE-2011-3579
Disclosure Date: September 30, 2011 (last updated October 04, 2023)
server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.
0
Attacker Value
Unknown
CVE-2008-5734
Disclosure Date: December 26, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 allows remote attackers to inject arbitrary web script or HTML via an IMG element in an HTML e-mail message.
0
