CVE-2014-8678 Information

Description

The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to \disclose\ files via a crafted filename related to \saveFile.\

Reference

http://www.zerodayinitiative.com/advisories/ZDI-14-386/