Umbraco CMS version 4.7.0 is vulnerable to a remote code execution vulnerability. An attacker can upload files via an unsecured web service located at /umbraco/webservices/codeEditorSave.asmx (method SaveDLRScript). Acunetix created a file named testAcunetix.test to test for this vulnerability.
Upgrade to the latest version of Umbraco CMS.
JBoss InvokerTransformer Remote Code Execution
Unauthenticated OGNL injection in Confluence Server and Data Center
WordPress Plugin Kanzu Support Desk-WordPress Helpdesk Remote Code Execution (2.4.6)
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.11)
WordPress Plugin UnGallery 'search' Parameter Remote Arbitrary Command Execution (2.1.5)