Vulnerabilities > Anchorcms > Anchor CMS > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-24 CVE-2024-37732 Cross-site Scripting vulnerability in Anchorcms Anchor CMS 0.12.7
Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf file.
network
low complexity
anchorcms CWE-79
6.1
2022-03-24 CVE-2022-25576 Cross-Site Request Forgery (CSRF) vulnerability in Anchorcms Anchor CMS 0.12.7
Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php.
network
low complexity
anchorcms CWE-352
4.5
2022-02-01 CVE-2021-46253 Cross-site Scripting vulnerability in Anchorcms Anchor CMS 0.12.7
A cross-site scripting (XSS) vulnerability in the Create Post function of Anchor CMS v0.12.7 allows attackers to execute arbitrary web scripts or HTML.
network
low complexity
anchorcms CWE-79
5.4
2021-12-15 CVE-2021-44116 Cross-site Scripting vulnerability in Anchorcms Anchor CMS
Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php.
network
low complexity
anchorcms CWE-79
6.1
2017-09-07 CVE-2015-5060 Cross-site Scripting vulnerability in Anchorcms Anchor CMS
Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev.
network
low complexity
anchorcms CWE-79
6.1