CVE-2018-6237

A vulnerability in Trend Micro Smart Protection Server Standalone 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP requests to potentially cause the file system to fill up, eventually causing a denial of service DoS...

CVE-2018-10350

A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server Standalone 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\bwlists\handler.php. Authentication is...