Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2018-14840
uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads).
Intelliants Subrion 4.2.1
1 EDB exploit
NA
CVE-2023-46947
Subrion 4.2.1 has a remote command execution vulnerability in the backend.
Intelliants Subrion 4.2.1
355
VMScore
CVE-2019-17225
Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" issue.
Intelliants Subrion 4.2.1
1 EDB exploit
383
VMScore
CVE-2020-22330
Cross-Site Scripting (XSS) vulnerability in Subrion 4.2.1 via the title when adding a page.
Intelliants Subrion 4.2.1
312
VMScore
CVE-2021-43724
A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS up to and including 4.2.1 in the Create Page functionality of the admin Account via a SGV file.
Intelliants Subrion Cms
NA
CVE-2023-43828
A Cross-site scripting (XSS) vulnerability in /panel/languages/ of Subrion v4.2.1 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter.
Intelliants Subrion 4.2.1
NA
CVE-2023-43830
A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or ...
Intelliants Subrion 4.2.1
NA
CVE-2023-43884
A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter.
Intelliants Subrion 4.2.1
668
VMScore
CVE-2017-5543
includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote malicious users to conduct PHP Object Injection attacks via crafted serialized data in a salt cookie in a login request.
Intelliants Subrion 4.0.5
578
VMScore
CVE-2015-4129
SQL injection vulnerability in Subrion CMS prior to 3.3.3 allows remote authenticated users to execute arbitrary SQL commands via modified serialized data in a salt cookie.
Intelliants Subrion Cms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »