Analyzed
about 15 hours
ago.
based on code collected
about 18 hours
ago.
Major Versions
click and drag to zoom
Security Vulnerabilities for Version:
Severities:
Type
|
Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2024-29499 | BDSA-2024-0712 | Mar 22, 2024 | Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/users/delete/2. |
0.12.7, 0.12.6, 0.12.3, 0.12.1, 0.12, 0.11, 0.9.3, 0.9.2, 0.9.1, 0.9
|
|
| CVE-2024-29338 | BDSA-2024-0713 | Mar 22, 2024 | Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/categories/delete/2. |
0.12.7, 0.12.6, 0.12.3, 0.12.1, 0.12, 0.11, 0.9.3, 0.9.2, 0.9.1, 0.9
|
|
| CVE-2022-25576 | Medium | Mar 24, 2022 | Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php. This vulnerability allows a more... |
0.12.7, 0.12.6, 0.12.3, 0.12.1, 0.12, 0.11, 0.9.3, 0.9.2, 0.9.1, 0.9
|
|
| CVE-2021-46253 | Medium | Feb 01, 2022 | A cross-site scripting (XSS) vulnerability in the Create Post function of Anchor CMS v0.12.7 allows attackers to execute arbitrary web scripts or HTML. more... |
0.12.7
|
|
| CVE-2021-44116 | Medium | Dec 15, 2021 | Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php. Attackers can use the posts column to upload the title and content more... |
0.12.7, 0.12.6, 0.12.3, 0.12.1, 0.12, 0.11, 0.9.3, 0.9.2, 0.9.1, 0.9
|
|
| CVE-2020-23342 | BDSA-2021-0159 | High | Jan 19, 2021 | A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users. |
0.12.7
|
| CVE-2020-12071 | BDSA-2020-4085 | Medium | Apr 23, 2020 | Anchor 0.12.7 allows admins to cause XSS via crafted post content. |
0.12.7
|
| BDSA-2021-0023 | High | Jan 11, 2021 | Anchor content management system (CMS) is vulnerable to stored cross-site scripting (XSS) due to improper input validation. A remote attacker could ins more... | ||
| BDSA-2020-4062 | Medium | Jan 12, 2021 | Anchor content management system (CMS) is vulnerable to stored cross-site scripting (XSS) via the `markdown` parameter. An attacker can take advantage more... |
