• Possible Remote Code Execution attack when using the Struts REST plugin with XStream handler to handle XML payloads.

• Upgrade to Struts 2.5.13 or Struts 2.3.34.

• • Security Bulletin S2-052

• 

• CVE-2017-9805

• CWE-94

• CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

• Code Execution Known Vulnerabilities

• WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)
• Joomla! Core 3.x.x Remote Code Execution (3.7.0 - 3.8.7)
• WordPress Plugin MailPress Remote Code Execution (7.0.2)
• WordPress Plugin Form Manager Remote Command Execution (1.7.2)
• Rails remote code execution using render :inline