[+] Title: IceWarp WebClient

[+] Author: veyselxan

[+] Vendor Homepage:https://www.icewarp.com/

[+] Tested on: Windows 10

[+] Versions: 13.0.2.9

[+] Fix version: DC2 - Update 2 Build 10 (13.0.2.10)

[+] Vulnerability Type: SQL injection

[+] Vulnerable Parameter: "search" 

[+] Vulnerable File: webmail/server/webmail.php

[+] Cve:CVE-2022-35115 

IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php.