Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion 4.2.1 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-46947
Subrion 4.2.1 has a remote command execution vulnerability in the backend.
Intelliants Subrion 4.2.1
6.5
CVSSv3
CVE-2020-12467
Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie.
Intelliants Subrion 4.2.1
7.8
CVSSv3
CVE-2020-12468
Subrion CMS 4.2.1 allows CSV injection via a phrase value within a language. This is related to phrases/add/ and languages/download/.
Intelliants Subrion 4.2.1
6.1
CVSSv3
CVE-2019-20389
An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A remote attacker can inject arbitrary JavaScript code in the v[language_switch] parameter (within multipart/form-data), which is reflected back within a user's browser without p...
Intelliants Subrion 4.2.1
8.1
CVSSv3
CVE-2019-20390
A Cross-Site Request Forgery (CSRF) vulnerability exists in Subrion CMS 4.2.1 that allows a remote malicious user to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. The application fails to vali...
Intelliants Subrion 4.2.1
6.1
CVSSv3
CVE-2018-15563
_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.
Intelliants Subrion 4.2.1
5.4
CVSSv3
CVE-2023-43830
A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or ...
Intelliants Subrion 4.2.1
5.4
CVSSv3
CVE-2019-7356
Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.
Intelliants Subrion 4.2.1
6.1
CVSSv3
CVE-2020-22330
Cross-Site Scripting (XSS) vulnerability in Subrion 4.2.1 via the title when adding a page.
Intelliants Subrion 4.2.1
4.8
CVSSv3
CVE-2018-16327
There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration.
Intelliants Subrion 4.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »