Trend Micro Control Manager Multiple Security Vulnerabilities
Trend Micro Control Manager is prone to the following multiple security vulnerabilities:
1. Multiple SQL-injection vulnerabilities
2. A directory-traversal vulnerability
3. An authentication-bypass vulnerability
4. An XML-external entity vulnerability
Exploiting these issues could allow an attacker to access or modify data, or exploit latent vulnerabilities in the underlying database, bypass authentication mechanism, execute arbitrary code and obtain sensitive information. This may aid in further attacks.
Trend Micro Control Manager 6.0 is vulnerable.