CVE-2015-5149
CVE-2015-5149 affects Zoho ManageEngine SupportCenter Plus 7.90. A directory traversal flaw in the workorder/Attachment.jsp path allows remote authenticated users to write arbitrary files by manipulating the component parameter (using .. style traversal). The vulnerability is caused by insufficie...