Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2013-5099
Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote malicious users to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions...
Anchor Anchor Cms 0.9.1
1 EDB exploit
7.5
CVSSv2
CVE-2015-5687
system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie.
Anchorcms Anchor Cms 0.9.3
Anchorcms Anchor Cms 0.9.1
Anchorcms Anchor Cms 0.9.2
4.3
CVSSv2
CVE-2014-9182
models/comment.php in Anchor CMS 0.9.2 and previous versions allows remote malicious users to inject arbitrary headers into mail messages via a crafted Host: header.
Anchorcms Anchor Cms 0.9.1
Anchorcms Anchor Cms
3.5
CVSSv2
CVE-2020-12071
Anchor 0.12.7 allows admins to cause XSS via crafted post content.
Anchorcms Anchor 0.12.7
4.3
CVSSv2
CVE-2021-44116
Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve the purpose of obtaining the administrator cookie, thereby achieving other malicious oper...
Anchorcms Anchor Cms
4.3
CVSSv2
CVE-2015-5060
Cross-site scripting (XSS) vulnerability in anchor-cms prior to 0.9-dev.
Anchorcms Anchor Cms
5
CVSSv2
CVE-2018-7251
An issue exists in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.
Anchorcms Anchor 0.12.3
1 EDB exploit
6.8
CVSSv2
CVE-2020-23342
A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
Anchorcms Anchor Cms 0.12.7
1 Github repository
3.5
CVSSv2
CVE-2022-25576
Anchor CMS v0.12.7 exists to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php. This vulnerability allows malicious users to arbitrarily delete posts.
Anchorcms Anchor Cms 0.12.7
NA
CVE-2024-22287
Cross-Site Request Forgery (CSRF) vulnerability in Ludek Melichar Better Anchor Links allows Cross-Site Scripting (XSS).This issue affects Better Anchor Links: from n/a up to and including 1.7.5.
Ludek Better Anchor Links
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »