Icewarp : Security Vulnerabilities, CVEs, CVSS score >= 9

CVE-2023-39699

IceWarp Mail Server v10.4.5 was discovered to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows attackers to include or execute files from the local file system of the targeted server.
Max CVSS
9.8
EPSS Score
0.06%
Published
2023-08-25
Updated
2023-08-30

CVE-2022-35115

IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php.
Max CVSS
9.8
EPSS Score
0.16%
Published
2022-08-23
Updated
2022-08-25
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close