A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote malicious user to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. Authentication is required in order to exploit this vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trendmicro smart_protection_server 3.3 |
||
trendmicro smart_protection_server 3.2 |
||
trendmicro smart_protection_server 3.0 |
||
trendmicro smart_protection_server 3.1 |