Novell ZENworks Configuration Management Arbitrary File Upload
This module exploits a file upload vulnerability in Novell ZENworks Configuration Management ZCM, which is part of the ZENworks Suite. The vulnerability exists in the UploadServlet which accepts unauthenticated file uploads and does not check the "uid" parameter for directory traversal characters...