ManageEngine EventLog Analyzer Exploit

ManageEngine EventLog Analyzer is vulnerable to abuse a SQL query functionality that allows attackers to insert and export a crafted JSP using 'guest' credentials allowing us to install an agent.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2015-7387
Product Version: 
2015_R1
Released Date: 
Thursday, November 5, 2015 - 00:00