Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4772
SQL injection vulnerability in register/ in Subrion CMS prior to 2.2.3 allows remote malicious users to execute arbitrary SQL commands via the plan_id parameter.
Intelliants Subrion Cms 2.2.1
Intelliants Subrion Cms 2.2.0
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
1 EDB exploit
NA
CVE-2012-4771
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS prior to 2.2.3 allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) admin/accounts/, (2) admin/manage/, or (3) admin/manage/blocks/edit/; or (4) group parameter to admin/...
Intelliants Subrion Cms 2.2.0
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
Intelliants Subrion Cms 2.2.1
1 EDB exploit
NA
CVE-2012-4773
Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS prior to 2.2.3 allow remote malicious users to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an administrator account ...
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
Intelliants Subrion Cms 2.2.1
Intelliants Subrion Cms 2.2.0
2 EDB exploits
8.8
CVSSv3
CVE-2018-21037
Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change the administrator password via the panel/members/edit/1 URI.
Intelliants Subrion
6.1
CVSSv3
CVE-2020-23761
Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote malicious users to execute arbitrary web script via the "payment gateway" column on transactions tab.
Intelliants Subrion
6.1
CVSSv3
CVE-2018-11317
Subrion CMS prior to 4.1.4 has XSS.
Intelliants Subrion
8.8
CVSSv3
CVE-2017-15063
There are CSRF vulnerabilities in Subrion CMS 4.1.x up to and including 4.1.5, and prior to 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php code, allowing (for example) an attack against the query parameter...
Intelliants Subrion
5.4
CVSSv3
CVE-2021-41948
A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS <= 4.2.1 version via "List of subjects".
Intelliants Subrion
6.5
CVSSv3
CVE-2020-12469
admin/blocks.php in Subrion CMS up to and including 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.
Intelliants Subrion
NA
CVE-2014-9120
Cross-site scripting (XSS) vulnerability in Subrion CMS prior to 3.2.3 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to subrion/search/.
Intelliants Subrion
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »