Code White found several vulnerabilities in Symantec Endpoint Protection
(SEP), affecting versions 12.1 prior to 12.1 RU6 MP1.
SEP Manager (SEPM):
* CVE-2015-1486: Authentication Bypass
* CVE-2015-1487: Arbitrary File Write
* CVE-2015-1488: Arbitrary File Read
* CVE-2015-1489: Privilege Escalatio
PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web
Application 0-Day Bug
Exploit Title: PhotoPost PHP __utmz Cookie Stored XSS Web Security
Vulnerability
Product: PhotoPost PHP
Vendor: PhotoPost
Vulnerable Versions: 4.8c 4.8.6 4.8.5 4.8.2 3.1.1 vB3
Tested Version: 4.8c v
