Bug Title | CVE/Ref | Vendor/Software | Date |
Multiple vulnerabilities (SQLi, LFI, XSS) | 612518, 612524, 612523, 612522 | Lansweeper 6.0.130.62, Lspush 6.0.100.32 | Feb 2018 |
SQL Injection Information Disclosure | ZDI-CAN-4409 | Trend Micro SafeSync for Enterprise | Mar 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4642/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4643/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4644/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4645/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4646/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4647/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4648/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4649/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4650/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4651/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4652/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4653/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4654/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4656/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4657/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4658/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4659/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4660/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4661/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4662/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4663/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4664/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4665/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4666/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4667/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4668/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4670/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4672/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4676/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4678/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4680/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4682/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4685/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4686/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4687/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4688/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4690/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4691/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4692/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4693/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Unrestricted File Upload Remote Code Execution | ZDI-CAN-4780/CVE-2017-14079 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4781/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4782/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4783/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Unrestricted File Upload Remote Code Execution | ZDI-CAN-4784/CVE-2017-14079 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Unrestricted File Upload Remote Code Execution | ZDI-CAN-4785/CVE-2017-14079 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4786/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4786/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4788/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4790/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4791/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4792/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4793/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4794/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4796/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4797/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4801/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4803/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4804/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Unrestricted File Upload Remote Code Execution | ZDI-CAN-4805/CVE-2017-14079 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4806/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4679/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4683/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Remote Agent Configuration Settings Information Disclosure | ZDI-CAN-4283 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
dlpCrawlerServerInvoker Deserialization of Untrusted Data | ZDI-CAN-4284 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listLogDatas SQL Injection | ZDI-CAN-4141 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listEndPointDocScanResultLIs SQL Injection | ZDI-CAN-4142 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listReportDatas SQL Injection | ZDI-CAN-4143 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listRoleDatas SQL Injection | ZDI-CAN-4144 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
getSourceAcquisitionHistory SQL Injection | ZDI-CAN-4145 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listFingerprints SQL Injection | ZDI-CAN-4131 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listReportDefs SQL Injection | ZDI-CAN-4133 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listEndpoints SQL Injection | ZDI-CAN-4134 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listEntities SQL Injection | ZDI-CAN-4136 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listKeywords SQL Injection | ZDI-CAN-4137 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
fileAttribList SQL Injection | ZDI-CAN-4146 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
importComplianceTemplate XXE Processing File Disclosure | ZDI-CAN-4138 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
dataManagementList Remote File Delete DoS | ZDI-CAN-4120 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
exportdatatojsp Directory Trevrsal File Disclosure | ZDI-CAN-4119 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
Session Generation Authentication Bypass | CVE-2016-8584 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Directory Traversal Authentication Bypass | CVE-2016-7552 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Command Injection Remote Code Execution | CVE-2016-8586 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Information Disclosure | CVE-2016-7547 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Command Injection Remote Code Execution | CVE-2016-8585 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
dlp_policy_upload.cgi Remote Code Execution | CVE-2016-8587 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
hotfix_upload.cgi Command Injection Remote Code Execution | CVE-2016-8588 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
log_query_dlp.cgi Command Injection Remote Code Execution | CVE-2016-8589 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
log_query_dae.cgi Command Injection Remote Code Execution | CVE-2016-8590 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
log_query.cgi Command Injection Remote Code Execution | CVE-2016-8591 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
log_query_system.cgi Command Injection Remote Code Execution | CVE-2016-8592 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
upload.cgi Remote Code Execution Vulnerability | CVE-2016-8593 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Reflected Cross Site Scripting | CVE-2017-5599 | eClinicalWorks Patient Portal 7.0 build 13 | Jan 2017 |
SQL Injection | CVE-2017-5598 | eClinicalWorks healow@work 8.0 build 8 | Jan 2017 |
SQL Injection | CVE-2017-5570 | eClinicalWorks Patient Portal 7.0 build 13 | Jan 2017 |
SQL Injection | CVE-2017-5569 | eClinicalWorks Patient Portal 7.0 build 13 | Jan 2017 |
UXSS | CVE-2016-8011 | McAfee Endpoint Security 10.2 and SiteAdvisor Enterprise 3.5 | Dec 2016 |
Unauthenticated Remote Code Execution | CVE-2016-9796 | Alcatel Lucent Omnivista 8770 2.0, 2.6, 3.0 and 3.1 | Dec 2016 |
Privilege Escalation | CVE-2016-2246 | HP ThinPro 4.4, 5.0, 5.1, 5.2, 5.2.1, 6.0, 6.1 | Oct 2016 |
PDF Library Information Disclosure | CVE-2016-3374 | Microsoft Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, and Windows 10 | Oct 2016 |
Predictable Session | CVE-2015-3326 | Trend Micro SMEX 10 SP2 | May 2016 |
ReDoS | CVE-2015-2526 | Microsoft .NET Framework 4.5, 4.5.1, 4.5.2 and 4.6 | September 2015 |
External JAR Injection | CVE-2015-2630 | Oracle e-Business Suite 11.5.10.2, 12.0.6, 12.1.3 | July 2015 |
Multiple Vulnerabilities | CVE-2015-2159 / CVE-2015-2160 / CVE-2015-2161 / CVE-2015-2162 / CVE-2015-2163 / CVE-2015-2164 / CVE-2015-2240 | FootPrints Service Core 11.0, 11.1, 11.6, 11.5 | May 2015 |
Root shell access - Kiosk Bypass | n/a | HP Thin Pro OS - T6X44017 | Apr 2015 |
Remote Code Execution and multiple vulnerabilities | CVE-2014-5287/5288 | Kemp Load Master (load balancer) v.7.1-16 | Apr 2015 |
Multiple vulnerabilities | CVE-2014-0844, CVE-2014-0845 and CVE-2014-0846 | IBM Rational Doors Next Generation, Composer and Requirements | Feb 2014 |
Reflected Cross Site Scripting | CVE-2013-6956 | Juniper - Junos Pulse Secure Access Service - SA700, SA2000, SA2500, SA4000, FIPS SA4000, SA4500, FIPS SA4500, SA6000, FIPS SA6000, SA6500, FIPS SA6500, MAG2600, MAG4610, MAG6610, and MAG6611 | Apr 2014 |
Multiple vulnerabilities | CVE-2014-0844, CVE-2014-0845 and CVE-2014-0846 | IBM Rational Doors Next Generation, Composer and Requirements | Feb 2014 |
WAF Bypass | n/a | Barracuda Web Application Firewall | Oct 2013 |
Multiple Reflected XSS, 2 | ESRI - ArcGIS for Server 10.1, 10.2 | Sep 2013 | |
Unrestricted File Upload | CVE-2013-5221 | ESRI - ArcGIS for Server 10.1, 10.2 | Sep 2013 |
Cross Context Scripting (XCS) - about:history - Remote Code Execution | TBA | Maxthon | Dec 2012 |
Cross Context Scripting (XCS) - RSS - Remote Code Execution | TBA | Maxthon | Dec 2012 |
Privileged API Available On i.maxthon.com | TBA | Maxthon | Dec 2012 |
Cross Context Scripting (XCS) - Bookmark Toolbar and Bookmark Sidebar | TBA | Maxthon | Dec 2012 |
Incorrect Executable File Handling and Same Origin Policy Implementation | TBA | Maxthon | Dec 2012 |
Same of Origin Policy Bypass - browser:home | TBA | Avant Browser | Dec 2012 |
Cross Context Scripting - browser:home - Most Visited And History Tabs | TBA | Avant Browser | Dec 2012 |
Avant Browser - Stored Cross Site Scripting - Feed Reader (browser://localhost/lst?*) | TBA | Avant Browser | Dec 2012 |
CSRF | 2012-0550 | Oracle GlassFish Server | Apr 2012 |
Multiple Cross Site Scripting | 2012-0551 | Oracle GlassFish Server | Apr 2012 |
Use After Free | 2011-4152 | Opera | Oct 2011 |
DOM Cross Site Scripting | 2011-2133 | Adobe RoboHelp 9 | Aug 2011 |
ParanoidFragmentSink allows javascript: URLs in chrome documents | 2010-1585 | Mozilla Firefox / Thunderbird | Mar 2011 |
Session Fixation | 2010-4437 | Oracle WebLogic Server | Mar 2011 |
Multiple Cross Site Scripting Vulnerabilities | 2010-2406 | Oracle eBusiness Application | Oct 2010 |
HTTP Response Splitting | 2010-3514 | Oracle Sun Java System Web Server | Oct 2010 |
SOP Bypass | 2010-3573 | Oracle JRE java.net.URLConnection | Oct 2010 |
XML Entity and XML Injections | 2009-3960 | Multiple Adobe Products | Feb 2010 |
Chrome Privilege Code Execution | Update Scanner | Aug 2009 | |
Chrome Privilege Code Execution | Coolpreviews | Aug 2009 | |
Stored Cross Site Scripting | 2008-4725 | Opera | Oct 2008 |
Stored Cross Site Scripting | Google Analytics | Oct 2008 | |
Local File Disclosure | 2008-2045 | SugarCRM | Apr 2008 |
Reflected Cross Site Scripting | DotNetNuke | Aug 2006 |
Have you ever encountered a zero client or a thin client? It looks something like this...
If yes, keep reading below, if not, then if you encounter one, you know what you can do if you read below...
The model above is a T520, produced by HP - this model and other similar models are typically employed to support a medium/large VDI (Virtual Desktop Infrastructure) enterprise.
These clients run a Linux-based HP ThinPro OS by default and I had a chance to play with image version T6X44017 in particular, which is fun to play with it, since you can get a root shell in a very short time without knowing any password...
Normally, HP ThinPro OS interface is configured in a kiosk mode, as the concept of a thin/zero client is based on using a thick client to connect to another resource. For this purpose, a standard user does not need to authenticate to the thin client per se and would just need to perform a connection - e.g. VMware Horizon View. The user will eventually authenticate through the c…
If yes, keep reading below, if not, then if you encounter one, you know what you can do if you read below...
The model above is a T520, produced by HP - this model and other similar models are typically employed to support a medium/large VDI (Virtual Desktop Infrastructure) enterprise.
These clients run a Linux-based HP ThinPro OS by default and I had a chance to play with image version T6X44017 in particular, which is fun to play with it, since you can get a root shell in a very short time without knowing any password...
Normally, HP ThinPro OS interface is configured in a kiosk mode, as the concept of a thin/zero client is based on using a thick client to connect to another resource. For this purpose, a standard user does not need to authenticate to the thin client per se and would just need to perform a connection - e.g. VMware Horizon View. The user will eventually authenticate through the c…
Comments