漏洞描述
【漏洞对象】Zimbra Collaboration Suite 【涉及版本】Zimbra Collaboration Suite 8.5-8.7.11【漏洞描述】Zimbra CollaborationSuite(ZCS)是美国Zimbra公司的一款开源协同办公套件。该产品包括WebMail、日历、通信录等。该漏洞主要是因为mailboxd组件的返回信息有区别,攻击者可借助返回的‘HTTP404 -账户未激活’和‘HTTP 401 - 需认证’页面利用该漏洞枚举账户
Zimbra 用户枚举漏洞(CVE-2018-10949)
PoC代码
暂无相关漏洞推荐
-
CVE-2022-37042: Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution POC
2025-09-01 | Zimbra Collaboration Suite 8.8.15 9.0Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP arc... -
CVE-2013-7091: Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion POC
2025-08-01 | Zimbra Collaboration ServerA directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20Tem... -
CVE-2018-14013: Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting POC
2025-08-01 | Synacor Zimbra Collaboration Suite CollaborationSynacor Zimbra Collaboration Suite Collaboration before 8.8.11 is vulnerable to cross-site scripting... -
CVE-2018-1000600: Pre-auth Fully-responded SSRF POC
2025-09-01 | Pre-authA exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier... -
CVE-2018-1000861: Jenkins 2.138 Remote Command Execution POC
2025-09-01 | JenkinsA code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier...