ZDI-17-096: Trend Micro Control Manager CCGIServlet DLPIncidentStatusChangeResult SQL Injection Remote Code Execution Vulnerability

ZDI-17-096: Trend Micro Control Manager CCGIServlet DLPIncidentStatusChangeResult SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability.

http://feeds.feedburner.com/ZDI-Published-Advisories