CVE-2016-8938
IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer’s production applications.
Source: CVE-2016-8938