CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-5687

system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://seclists.org/fulldisclosure/2015/Aug/76
http://seclists.org/fulldisclosure/2015/Aug/83
https://github.com/anchorcms/anchor-cms/pull/904
http://seclists.org/fulldisclosure/2015/Aug/76
http://seclists.org/fulldisclosure/2015/Aug/83
https://github.com/anchorcms/anchor-cms/pull/904

Products affected by CVE-2015-5687

Anchorcms » Anchor Cms » Version: 0.9.1

cpe:2.3:a:anchorcms:anchor_cms:0.9.1
Anchorcms » Anchor Cms » Version: 0.9.2

cpe:2.3:a:anchorcms:anchor_cms:0.9.2
Anchorcms » Anchor Cms » Version: 0.9.3

cpe:2.3:a:anchorcms:anchor_cms:0.9.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5687

Products

Pricing

Contact Us