Vulnerabilities > Anchorcms > Anchor CMS > 0.9.1

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-44116 Cross-site Scripting vulnerability in Anchorcms Anchor CMS
Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php.
network
anchorcms CWE-79
4.3
4.3
2017-09-07 CVE-2015-5060 Cross-site Scripting vulnerability in Anchorcms Anchor CMS 0.9.1
Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev.
network
anchorcms CWE-79
4.3
4.3
2015-10-05 CVE-2015-5687 Code Injection vulnerability in Anchorcms Anchor CMS 0.9.1/0.9.2/0.9.3
system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie.
network
low complexity
anchorcms CWE-94
7.5
7.5
2014-12-02 CVE-2014-9182 Cross-Site Scripting vulnerability in Anchorcms Anchor CMS 0.9.1
models/comment.php in Anchor CMS 0.9.2 and earlier allows remote attackers to inject arbitrary headers into mail messages via a crafted Host: header.
network
anchorcms CWE-79
4.3
4.3