Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-27T17:33:26
Updated: 2024-08-06T18:09:16.314Z
Reserved: 2014-07-18T00:00:00
Link: CVE-2013-7390
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-01-27T18:15:10.743
Modified: 2024-11-21T02:00:54.547
Link: CVE-2013-7390
Redhat
No data.