If .htaccess isn't blacklisted on a file upload you can allow for the execution of custom file extensions which can obviously lead to RCE
SeManageVolumePrivilege can be abused in a badass way, giving full write permissions to C:\ and replacing system DLLs with malicious one
Last updated 10 months ago
