Vulnerabilities > Trendmicro > Email Encryption Gateway > 5.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-23 | CVE-2018-10356 | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A SQL injection remote code execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRequestDomains class. | 9.0 |
| 2018-05-23 | CVE-2018-10355 | Insufficiently Protected Credentials vulnerability in Trendmicro Email Encryption Gateway 5.5 An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to recover user passwords on vulnerable installations due to a flaw in the DBCrypto class. | 1.9 |
| 2018-05-23 | CVE-2018-10354 | OS Command Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the LauncherServer. | 9.0 |
| 2018-05-23 | CVE-2018-10353 | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. | 4.0 |
| 2018-05-23 | CVE-2018-10352 | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formConfiguration class. | 6.5 |
| 2018-05-23 | CVE-2018-10351 | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class. | 9.0 |
| 2018-03-15 | CVE-2018-6230 | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 search configuration script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | 8.3 |
| 2018-03-15 | CVE-2018-6229 | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | 10.0 |
| 2018-03-15 | CVE-2018-6228 | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | 10.0 |
| 2018-03-15 | CVE-2018-6227 | Cross-site Scripting vulnerability in Trendmicro Email Encryption Gateway 5.5 A stored cross-site scripting (XSS) vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject client-side scripts into vulnerable systems. | 3.5 |