Multiple ManageEngine Products CVE-2014-6034 Arbitrary File Upload Vulnerability
Multiple ManageEngine Products are prone to an arbitrary file-upload vulnerability.
An attacker can exploit this issue to upload arbitrary code and run it in the context of the web server process; other attacks are also possible.
The following products are vulnerable:
ManageEngine OpManager 8.8 through 11.3
ManageEngine Social IT Plus 11.0
ManageEngine IT360 10.4