A remote code execution vulnerability exits in Apache Struts such that upon successful exploitation a malicious expression can be used to execute arbitrary code on server side when Dynamic Method Invocation is enabled.
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018, CVE-2015-0037, and CVE-2015-0066.
A Cross Site Scripting vulnerability has been reported in WordPress WP-EMail Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary script code on the affected website.
A Cross-Site Scripting vulnerability was found in the Check Email WordPress Plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their behalf. In order to exploit this issue, the attacker has to lure/force a logged on WordPress Administrator into opening a malicious website.
A buffer overflow in OpenJPEG causes arbitrary code execution when parsing a crafted image file. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution.
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code.