Titulo completo: ManageEngine ServiceDesk Plus Arbitrary File Upload Exploit 
Categoria: remote exploits
Platforma: jsp
This Metasploit module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This Metasploit module has been tested successfully on versions v9 b9000 - b9102 in Windows and Linux. The MSP versions do not expose the vulnerable servlet.

# 0day.today @ http://0day.today/