0 Day Exploits - Backward Logic

Public Advisories

Some of our responsibly disclosed 0-day exploits

Command Injection

ZDI-16-348: Trend Micro InterScan Web Security ManagePatches filename Remote Code Execution Vulnerability

CVE-2016-5840: Trend Micro Deep Discovery hotfix_upload.cgi filename Remote Code Execution Vulnerability

SQL Injection

CVE-2015-6004: What’s Up Gold “Find Device” search field does not properly neutralize user input (SQL injection)

ZDI-16-455: Trend Micro Control Manager cgiCMUIDispatcher SQL Injection Remote Code Execution Vulnerability

ZDI-16-456: Trend Micro Control Manager AdHocQuery_CustomProfiles SQL Injection Remote Code Execution Vulnerability

Local File Disclosure (LFD)

otx.alienvault.com Local File Disclosure

External XML Entity (XXE)

ZDI-16-457: Trend Micro Control Manager TreeUserControl_process_tree_event External Entity Processing Information Disclosure Vulnerability

ZDI-16-458: Trend Micro Control Manager ProductTree External Entity Processing Information Disclosure Vulnerability

ZDI-16-459: Trend Micro Control Manager DeploymentPlan_Event_Handler External Entity Processing Information Disclosure Vulnerability

CVE-2017-6323: Symantec Management Console Multiple XXE prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 & ITMS 7.6_POST_HF7

Persistent Cross Site Scripting (XSS)

CVE-2015-6005: Improper Neutralization of Script-Related HTML Tags in What’s Up Gold

CVE-2017-6322: Symantec Management Console Multiple XSS prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 & ITMS 7.6_POST_HF7

Reflected Cross Site Scripting (XSS)

CVE-2017-6322: Symantec Management Console Multiple XSS prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 & ITMS 7.6_POST_HF7

XPATH Injection

ZDI-16-460: Trend Micro Control Manager AdHocQuery_SelectView XPATH Injection Information Disclosure Vulnerability

ZDI-16-461: Trend Micro Control Manager AdHocQuery_SelectView XPATH Injection Information Disclosure Vulnerability (Second one)
