3 matches found
CVE-2018-3607
XXXTreeNode method SQL injection remote code execution RCE vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations...
CVE-2018-3607
XXXTreeNode method SQL injection remote code execution RCE vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations...
CVE-2018-3607
CVE-2018-3607 relates to Trend Micro Control Manager 6.0 with a SQL injection in the XXXTreeNode method that enables remote code execution. ZDI advisories detail specific vulnerable paths (InsertSelectedTreeNodeWithACL, sp_DeleteSelectedTreeNodesByRefKey, ClearSelectedTreeNode) and note that expl...