Premium SEO Pack 1.8.0 - Unauthenicated Arbitrary File Upload & LFD

This plugin is vulnerable to Local File Disclosure and Remote Code Execute via Arbitrary File Upload. BASE64 ENCODED SHELL...

Symantec Web Gateway 5.0.3.18 LFI / Command Execution

!/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI vulnerability. Timeline: 06 Jun 2012:...