FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote malicious users to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
novell groupwise 2014 |
Vulmon