131 matches found
CVE-2020-27010
A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462...
CVE-2020-8461
A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token...
CVE-2020-27010
A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462...
Design/Logic Flaw
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access...
Design/Logic Flaw
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass CVE-2020-8461 and authentication bypass CVE-2020-8464 to execute code as user root...
Command injection
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password...
Cross site scripting
A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product...
CVE-2020-8466
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password...
CVE-2020-8465
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass CVE-2020-8461 and authentication bypass CVE-2020-8464 to execute code as user root...
CVE-2020-8463
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths...
CVE-2020-8464
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access...
CVE-2020-8464
CVE-2020-8464 affects Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2. A vulnerability allows an attacker to craft requests that appear to originate from localhost, potentially exposing the product’s admin interface to users who would not normally have access. The available d...
Trend Micro InterScan Web Security Virtual Appliance 代码问题漏洞
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. An authentication bypass vulnerability exists in Trend Micro InterScan Web Security Virtua...
Trend Micro InterScan Web Security Virtual Appliance 跨站请求伪造漏洞
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A security vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance 6....
Trend Micro InterScan Web Security Virtual Appliance 授权问题漏洞
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A command execution vulnerability exists in Trend Micro InterScan Web Security Virtual...
Trend Micro InterScan Web Security Virtual Appliance 跨站脚本漏洞
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A cross-site scripting vulnerability exists in Trend Micro InterScan Web Security Virtual...
Trend Micro InterScan Web Security Virtual Appliance 安全漏洞
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. An authorization bypass vulnerability exists in Trend Micro InterScan Web Security Virtual...
Trend Micro InterScan Web Security Virtual Appliance 跨站脚本漏洞
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A cross-site scripting vulnerability exists in Trend Micro InterScan Web Security Virtual...
Trend Micro InterScan Web Security Virtual Appliance 命令注入漏洞
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A command injection vulnerability exists in Trend Micro InterScan Web Security Virtual...
Trend Micro InterScan Web Security Virtual Appliance Stack Overflow (CVE-2020-28578; CVE-2020-28579)
A stack overflow vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...