CVE-2019-10012
Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the Moxie Manager plugin before 2.1.4 in the ICSICS.NETICSFileServer/moxiemanager directory.
Source: CVE-2019-10012