Vendor
Anchorcms
Products
1
CVEs
3
Across products
8
Status
Private
Products
1- 8 CVEs
Recent CVEs
3| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-5060 | Med | 0.40 | 6.1 | 0.00 | Sep 7, 2017 | Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev. | |
| CVE-2015-5687 | 0.00 | — | 0.01 | Oct 5, 2015 | system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie. | ||
| CVE-2014-9182 | 0.00 | — | 0.00 | Dec 2, 2014 | models/comment.php in Anchor CMS 0.9.2 and earlier allows remote attackers to inject arbitrary headers into mail messages via a crafted Host: header. |