Anchor · Anchor Cms · CVE-2015-5687
**Name of the Vulnerable Software and Affected Versions**
Anchor CMS versions 0.9.x
**Description**
The issue allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in a cookie. This is related to the system/session/drivers/cookie.php file.
**Recommendations**
For Anchor CMS versions 0.9.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.