- It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
- Upgrade to the latest version of JBoss.
- Apache Struts2 Remote Command Execution (S2-053)
- Magento remote code execution
- WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)
- WordPress Plugin WP-Stateless-Google Cloud Storage Remote Code Execution (2.2.0)
- Apache Struts 2 ClassLoader manipulation and denial of service (S2-020)