Vulnerabilities > Anchorcms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-24 | CVE-2024-37732 | Cross-site Scripting vulnerability in Anchorcms Anchor CMS 0.12.7 Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf file. | 6.1 |
| 2022-03-24 | CVE-2022-25576 | Cross-Site Request Forgery (CSRF) vulnerability in Anchorcms Anchor CMS 0.12.7 Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php. | 4.5 |
| 2022-02-01 | CVE-2021-46253 | Cross-site Scripting vulnerability in Anchorcms Anchor CMS 0.12.7 A cross-site scripting (XSS) vulnerability in the Create Post function of Anchor CMS v0.12.7 allows attackers to execute arbitrary web scripts or HTML. | 5.4 |
| 2021-12-15 | CVE-2021-44116 | Cross-site Scripting vulnerability in Anchorcms Anchor CMS Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php. | 6.1 |
| 2021-01-19 | CVE-2020-23342 | Cross-Site Request Forgery (CSRF) vulnerability in Anchorcms Anchor CMS 0.12.7 A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users. | 8.8 |
| 2020-04-23 | CVE-2020-12071 | Cross-site Scripting vulnerability in Anchorcms Anchor 0.12.7 Anchor 0.12.7 allows admins to cause XSS via crafted post content. | 4.8 |
| 2018-02-19 | CVE-2018-7251 | Information Exposure vulnerability in Anchorcms Anchor 0.12.3 An issue was discovered in config/error.php in Anchor 0.12.3. | 9.8 |
| 2017-09-07 | CVE-2015-5060 | Cross-site Scripting vulnerability in Anchorcms Anchor CMS Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev. | 6.1 |