Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-5099
Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote malicious users to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions...
Anchor Anchor Cms 0.9.1
1 EDB exploit
NA
CVE-2015-5687
system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie.
Anchorcms Anchor Cms 0.9.3
Anchorcms Anchor Cms 0.9.1
Anchorcms Anchor Cms 0.9.2
NA
CVE-2014-9182
models/comment.php in Anchor CMS 0.9.2 and previous versions allows remote malicious users to inject arbitrary headers into mail messages via a crafted Host: header.
Anchorcms Anchor Cms 0.9.1
Anchorcms Anchor Cms
6.1
CVSSv3
CVE-2021-44116
Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve the purpose of obtaining the administrator cookie, thereby achieving other malicious oper...
Anchorcms Anchor Cms
6.1
CVSSv3
CVE-2015-5060
Cross-site scripting (XSS) vulnerability in anchor-cms prior to 0.9-dev.
Anchorcms Anchor Cms
4.8
CVSSv3
CVE-2020-12071
Anchor 0.12.7 allows admins to cause XSS via crafted post content.
Anchorcms Anchor 0.12.7
9.8
CVSSv3
CVE-2018-7251
An issue exists in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.
Anchorcms Anchor 0.12.3
1 EDB exploit
6.1
CVSSv3
CVE-2024-22287
Cross-Site Request Forgery (CSRF) vulnerability in Ludek Melichar Better Anchor Links allows Cross-Site Scripting (XSS).This issue affects Better Anchor Links: from n/a up to and including 1.7.5.
Ludek Better Anchor Links
4.5
CVSSv3
CVE-2022-25576
Anchor CMS v0.12.7 exists to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php. This vulnerability allows malicious users to arbitrarily delete posts.
Anchorcms Anchor Cms 0.12.7
5.4
CVSSv3
CVE-2021-46253
A cross-site scripting (XSS) vulnerability in the Create Post function of Anchor CMS v0.12.7 allows malicious users to execute arbitrary web scripts or HTML.
Anchorcms Anchor Cms 0.12.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »