Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion 4.2.1 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-18155
SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection.
Intelliants Subrion 4.2.1
8.8
CVSSv3
CVE-2023-46947
Subrion 4.2.1 has a remote command execution vulnerability in the backend.
Intelliants Subrion 4.2.1
8.8
CVSSv3
CVE-2021-43464
A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval().
Intelliants Subrion Cms 4.2.1
8.8
CVSSv3
CVE-2020-18326
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
Intelliants Subrion Cms 4.2.1
1 Github repository
8.8
CVSSv3
CVE-2019-7357
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins.
Intelliants Subrion Cms 4.2.1
8.1
CVSSv3
CVE-2019-20390
A Cross-Site Request Forgery (CSRF) vulnerability exists in Subrion CMS 4.2.1 that allows a remote malicious user to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. The application fails to vali...
Intelliants Subrion 4.2.1
7.8
CVSSv3
CVE-2020-12468
Subrion CMS 4.2.1 allows CSV injection via a phrase value within a language. This is related to phrases/add/ and languages/download/.
Intelliants Subrion 4.2.1
7.2
CVSSv3
CVE-2021-41947
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.
Intelliants Subrion Cms 4.2.1
7.2
CVSSv3
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote malicious users to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
Intelliants Subrion Cms 4.2.1
2 Github repositories
6.5
CVSSv3
CVE-2020-12467
Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie.
Intelliants Subrion 4.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »