Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-5099
Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote malicious users to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions...
Anchor Anchor Cms 0.9.1
1 EDB exploit
NA
CVE-2015-5687
system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie.
Anchorcms Anchor Cms 0.9.3
Anchorcms Anchor Cms 0.9.1
Anchorcms Anchor Cms 0.9.2
NA
CVE-2014-9182
models/comment.php in Anchor CMS 0.9.2 and previous versions allows remote malicious users to inject arbitrary headers into mail messages via a crafted Host: header.
Anchorcms Anchor Cms 0.9.1
Anchorcms Anchor Cms
6.1
CVSSv3
CVE-2021-44116
Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve the purpose of obtaining the administrator cookie, thereby achieving other malicious oper...
Anchorcms Anchor Cms
6.1
CVSSv3
CVE-2015-5060
Cross-site scripting (XSS) vulnerability in anchor-cms prior to 0.9-dev.
Anchorcms Anchor Cms
9.8
CVSSv3
CVE-2018-7251
An issue exists in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.
Anchorcms Anchor 0.12.3
1 EDB exploit
4.8
CVSSv3
CVE-2020-12071
Anchor 0.12.7 allows admins to cause XSS via crafted post content.
Anchorcms Anchor 0.12.7
4.5
CVSSv3
CVE-2022-25576
Anchor CMS v0.12.7 exists to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php. This vulnerability allows malicious users to arbitrarily delete posts.
Anchorcms Anchor Cms 0.12.7
8.8
CVSSv3
CVE-2020-23342
A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
Anchorcms Anchor Cms 0.12.7
1 Github repository
6.1
CVSSv3
CVE-2024-22287
Cross-Site Request Forgery (CSRF) vulnerability in Ludek Melichar Better Anchor Links allows Cross-Site Scripting (XSS).This issue affects Better Anchor Links: from n/a up to and including 1.7.5.
Ludek Better Anchor Links
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »