Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer.
CPE | Name | Operator | Version |
---|---|---|---|
internet_campus_solution | eq | 9 | |
moxiemanager | lt | 2.1.4 |