Multiple ManageEngine Products CVE-2014-6034 Arbitrary File Upload Vulnerability

Multiple ManageEngine Products are prone to an arbitrary file-upload vulnerability.

An attacker can exploit this issue to upload arbitrary code and run it in the context of the web server process; other attacks are also possible.

The following products are vulnerable:

ManageEngine OpManager 8.8 through 11.3
ManageEngine Social IT Plus 11.0
ManageEngine IT360 10.4


Privacy Statement
Copyright 2010, SecurityFocus