|
247751
|
7.0 |
HIGH
Local
|
trendmicro
|
email_encryption_gateway
|
An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to recover user passwords on vulnerable installations due to a flaw in the DBCrypto class.…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-10355
|
2024-11-21 12:41 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247752
|
8.8 |
HIGH
Network
|
trendmicro
|
email_encryption_gateway
|
A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a fla…
|
CWE-78
OS Command
|
CVE-2018-10354
|
2024-11-21 12:41 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247753
|
6.5 |
MEDIUM
Network
|
trendmicro
|
email_encryption_gateway
|
A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a f…
|
CWE-89
SQL Injection
|
CVE-2018-10353
|
2024-11-21 12:41 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247754
|
8.8 |
HIGH
Network
|
trendmicro
|
email_encryption_gateway
|
A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formConfiguration class.…
|
CWE-89
SQL Injection
|
CVE-2018-10352
|
2024-11-21 12:41 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247755
|
8.8 |
HIGH
Network
|
trendmicro
|
email_encryption_gateway
|
A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class.…
|
CWE-89
SQL Injection
|
CVE-2018-10351
|
2024-11-21 12:41 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247756
|
6.1 |
MEDIUM
Network
|
ilias
|
ilias
|
error.php in ILIAS 5.2.x through 5.3.x before 5.3.4 allows XSS via the text of a PDO exception.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10307
|
2024-11-21 12:41 |
2018-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247757
|
6.1 |
MEDIUM
Network
|
ilias
|
ilias
|
Services/Form/classes/class.ilDateDurationInputGUI.php and Services/Form/classes/class.ilDateTimeInputGUI.php in ILIAS 5.1.x through 5.3.x before 5.3.4 allow XSS via an invalid date.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10306
|
2024-11-21 12:41 |
2018-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247758
|
7.0 |
HIGH
Local
|
printeron
|
printeron
|
PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding, which allows local users to obtain credentials for a domain user by reading the cps_config.xml file.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-10327
|
2024-11-21 12:41 |
2018-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247759
|
5.4 |
MEDIUM
Network
|
printeron
|
printeron
|
PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via the (1) department field in the printer configuration, (2) description field in the print server configur…
|
CWE-79
Cross-site Scripting
|
CVE-2018-10326
|
2024-11-21 12:41 |
2018-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247760
|
9.0 |
CRITICAL
Network
|
phoenixcontact
|
fl_switch_3005_firmware
fl_switch_3005t_firmware
fl_switch_3004t-fx_firmware
fl_switch_3004t-fx_st_firmware
fl_switch_3008_firmware
fl_switch_3008t_firmware
fl_switch_3006t-2fx_firm…
|
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows when handling very large cookies (a different vulnerability than CVE…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10731
|
2024-11-21 12:41 |
2018-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
