Lucene search
+L

21 matches found

Exploit DB
Exploit DB
added 2019/07/24 12:0 a.m.284 views

Trend Micro Deep Discovery Inspector IDS - Security Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DEEP-DISCOVERY-INSPECTOR-PERCENT-ENCODING-IDS-BYPASS.txt + ISR: Apparition Security Vendor www.trendmicro.com Product Deep Discovery Inspector Deep Discovery...

7.4AI score
Exploits0
NVD
NVD
added 2018/09/28 5:29 p.m.31 views

CVE-2018-15365

A Reflected Cross-Site Scripting XSS vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability...

5.4CVSS5.3AI score0.00815EPSS
Exploits1References2
CVE
CVE
added 2018/09/28 5:0 p.m.48 views

CVE-2018-15365

Affected product: Trend Micro Deep Discovery Inspector (DDI)

5.4CVSS5.2AI score0.00815EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/08/03 3:29 p.m.26 views

CVE-2017-11382

Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote attackers to delete arbitrary files on vulnerable installations, thus disabling the service. Formerly ZDI-CAN-4350...

7.5CVSS7.5AI score0.02453EPSS
Exploits0References3
NVD
NVD
added 2017/08/01 3:29 p.m.13 views

CVE-2017-11380

Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1...

9.8CVSS9.6AI score0.01464EPSS
Exploits0References2
Prion
Prion
added 2017/08/01 3:29 p.m.12 views

Design/Logic Flaw

Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1...

7.5CVSS9.5AI score0.01464EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/01 3:0 p.m.24 views

CVE-2017-11379

Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1...

8.1AI score0.00464EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2017/04/11 12:0 a.m.26 views

Trend Micro Deep Discovery Email Inspector policy_setting Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within policysetting.php. The issue results from the lack of prope...

10CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/03/09 12:0 a.m.27 views

Trend Micro Deep Discovery Email Inspector write_new_html_with_svg Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within writenewhtmlwithsvg.php. The issue results from the lack of...

10CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/03/09 12:0 a.m.27 views

Trend Micro Deep Discovery Email Inspector download_pdf Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within downloadpdf.php. The issue results from the lack of proper...

10CVSS7.1AI score
Exploits0References1
0day.today
0day.today
added 2016/07/29 12:0 a.m.64 views

Trend Micro Deep Discovery 3.7 / 3.8 SP1 (3.81) / 3.8 SP2 (3.82) - hotfix_upload.cgi Filename Remote

Exploit for linux platform in category web applications Version: TDA 2.6.1062r1 Summary: The hotfixupload.cgi file contains a flaw allowing a user to execute commands under the context of the root user. Details: The hotfixupload.cgi file is used to upload files hot fixes. Below is a sample of the...

9CVSS7AI score0.07768EPSS
Exploits2
exploitpack
exploitpack
added 2016/07/29 12:0 a.m.23 views

Trend Micro Deep Discovery 3.73.8 SP1 (3.81)3.8 SP2 (3.82) - hotfix_upload.cgi Filename Remote Code Execution

Trend Micro Deep Discovery 3.73.8 SP1 3.813.8 SP2 3.82 - hotfixupload.cgi Filename Remote Code Execution Version: TDA 2.6.1062r1 Summary: The hotfixupload.cgi file contains a flaw allowing a user to execute commands under the context of the root user. Details: The hotfixupload.cgi file is used to...

8.1AI score
Exploits0
NVD
NVD
added 2016/06/30 4:59 p.m.16 views

CVE-2016-5840

hotfixupload.cgi in Trend Micro Deep Discovery Inspector DDI 3.7, 3.8 SP1 3.81, and 3.8 SP2 3.82 allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header...

9CVSS7.4AI score0.07768EPSS
Exploits2References5
Cvelist
Cvelist
added 2016/06/30 4:0 p.m.25 views

CVE-2016-5840

hotfixupload.cgi in Trend Micro Deep Discovery Inspector DDI 3.7, 3.8 SP1 3.81, and 3.8 SP2 3.82 allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header...

7.3AI score0.07768EPSS
Exploits2References5
Exploit DB
Exploit DB
added 2016/03/27 12:0 a.m.59 views

Trend Micro Deep Discovery Inspector 3.8/3.7 - Cross-Site Request Forgery

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-DDI-CSRF.txt Vendor: ==================== www.trendmicro.com Product: ========================================= Trend Micro Deep Discovery Inspector V3.8, 3.7 Deep...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.53 views

Trend Micro Deep Discovery Authentication Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DDI-0818.txt Vendor: ================================ www.trendmicro.com Product: =================================== Trend Micro Deep Discovery 3.7.1096...

5.5CVSS0.1AI score0.02672EPSS
Exploits2
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.55 views

Trend Micro Deep Discovery XSS

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DDI-081815b.txt Vendor: ================================ www.trendmicro.com Product: ============================================================== Trend Micro...

4.3CVSS0.02718EPSS
Exploits2
NVD
NVD
added 2015/08/23 3:59 p.m.25 views

CVE-2015-2872

Multiple cross-site scripting XSS vulnerabilities in Trend Micro Deep Discovery Inspector DDI on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x before 3.7.1248, 3.8.x before 3.8.1263, and other versions allow remote attackers to inject arbitrary web...

4.3CVSS5.7AI score0.02718EPSS
Exploits2References3
Cvelist
Cvelist
added 2015/08/23 3:0 p.m.27 views

CVE-2015-2872

Multiple cross-site scripting XSS vulnerabilities in Trend Micro Deep Discovery Inspector DDI on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x before 3.7.1248, 3.8.x before 3.8.1263, and other versions allow remote attackers to inject arbitrary web...

5.7AI score0.02718EPSS
Exploits2References3
0day.today
0day.today
added 2015/08/20 12:0 a.m.58 views

Trend Micro Deep Discovery 3.7.1096 Authentication Bypass / XSS Vulnerabilities

Exploit for php platform in category web applications + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DDI-0818.txt Vendor: ================================ www.trendmicro.com Product:...

5.5CVSS6.5AI score0.02718EPSS
Exploits3
Rows per page
Query Builder