Anchorcms

Anchor

3 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.4

CVE-2024-29338

Exploit
  • EPSS 0.08%
  • Published 22.03.2024 17:15:08
  • Last modified 28.03.2025 17:39:33

Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/categories/delete/2.

4.8

CVE-2020-12071

Exploit
  • EPSS 0.32%
  • Published 23.04.2020 02:15:11
  • Last modified 21.11.2024 04:59:13

Anchor 0.12.7 allows admins to cause XSS via crafted post content.

9.8

CVE-2018-7251

  • EPSS 92.81%
  • Published 19.02.2018 22:29:00
  • Last modified 21.11.2024 04:11:53

An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.